From: Michael Tremer Date: Wed, 7 Jan 2026 11:11:17 +0000 (+0000) Subject: lists: Add a priority which is exported to Suricata X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=13fe6aa57c4f85dfdd14f9e826be4e4e95da3f85;p=dbl.git lists: Add a priority which is exported to Suricata Signed-off-by: Michael Tremer --- diff --git a/src/database.sql b/src/database.sql index be5db53..88943f1 100644 --- a/src/database.sql +++ b/src/database.sql @@ -2,7 +2,7 @@ -- PostgreSQL database dump -- -\restrict 0x0tldyHgIUyWxgnGUGi115yWYckW02ZTvAqVYxdprpqc4kMhzpMBPkpIKiHQLO +\restrict 1diYTcUdWXmrci8nOPBU0L49Gy6AtiuIiTy0rir4PbAGglPIHU607lYZcp7rwvf -- Dumped from database version 17.6 (Debian 17.6-0+deb13u1) -- Dumped by pg_dump version 17.6 (Debian 17.6-0+deb13u1) @@ -157,7 +157,8 @@ CREATE TABLE public.lists ( updated_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP NOT NULL, description text, total_domains integer DEFAULT 0 NOT NULL, - pending_reports integer DEFAULT 0 NOT NULL + pending_reports integer DEFAULT 0 NOT NULL, + priority integer DEFAULT 0 NOT NULL ); @@ -587,5 +588,5 @@ ALTER TABLE ONLY public.sources -- PostgreSQL database dump complete -- -\unrestrict 0x0tldyHgIUyWxgnGUGi115yWYckW02ZTvAqVYxdprpqc4kMhzpMBPkpIKiHQLO +\unrestrict 1diYTcUdWXmrci8nOPBU0L49Gy6AtiuIiTy0rir4PbAGglPIHU607lYZcp7rwvf diff --git a/src/dnsbl/exporters.py b/src/dnsbl/exporters.py index 4970dcf..26fbe46 100644 --- a/src/dnsbl/exporters.py +++ b/src/dnsbl/exporters.py 
@@ -423,13 +423,23 @@ class SuricataRulesExporter(TextExporter): # Write the header self.write_header(f) - # XXX Maybe we should look into having different priority for different lists. - # For example, blocking some advertising has a lower priority than accessing - # a malware/phishing domain. - # Shift the ID of the list to the higher 16 bits and append the offset sid = self.list.id << 16 + # Map the priority + # High Priority + if self.list.priority == 3: + priority = 1 + # Medium Priority + elif self.list.priority == 2: + priority = 2 + # Low Priority + elif self.list.priority == 1: + priority = 3 + # Informational + else: + priority = 4 + rules = { # DNS "dns" : { @@ -443,7 +453,7 @@ class SuricataRulesExporter(TextExporter): "load datasets/%s.txt" % self.list.slug, ), "classtype" : "policy-violation", - "priority" : "3", + "priority" : priority, "sid" : sid | 1, "rev" : "1", "reference" : ( @@ -467,7 +477,7 @@ class SuricataRulesExporter(TextExporter): "load datasets/%s.txt" % self.list.slug, ), "classtype" : "policy-violation", - "priority" : "3", + "priority" : priority, "sid" : sid | 2, "rev" : "1", "reference" : ( @@ -491,7 +501,7 @@ class SuricataRulesExporter(TextExporter): "load datasets/%s.txt" % self.list.slug, ), "classtype" : "policy-violation", - "priority" : "3", + "priority" : priority, "sid" : sid | 3, "rev" : "1", "reference" : ( @@ -515,7 +525,7 @@ class SuricataRulesExporter(TextExporter): "load datasets/%s.txt" % self.list.slug, ), "classtype" : "policy-violation", - "priority" : "3", + "priority" : priority, "sid" : sid | 4, "rev" : "1", "reference" : ( diff --git a/src/dnsbl/lists.py b/src/dnsbl/lists.py index f192eda..5601840 100644 --- a/src/dnsbl/lists.py +++ b/src/dnsbl/lists.py @@ -39,6 +39,13 @@ from .i18n import _ # Setup logging log = logging.getLogger(__name__) +PRIORITIES = { + "INFORMATIONAL" : 0, + "LOW" : 1, + "MEDIUM" : 2, + "HIGH" : 3, +} + class Lists(object): def __init__(self, backend): self.backend = backend 
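Review bot: The `else` branch of the new priority mapping treats every value other than 1, 2 or 3 as Informational, so a NULL, negative or out-of-range `self.list.priority` silently exports the list at Suricata priority 4 instead of failing. For a malware or phishing list that means its alerts sort last in triage without anyone noticing the bad value. The chain also repeats the literals 0–3 that `PRIORITIES` in `lists.py` defines; a lookup that raises on an unknown value would keep the two in step, e.g. `priority = SURICATA_PRIORITIES[self.list.priority]` with a module-level `SURICATA_PRIORITIES = {3: 1, 2: 2, 1: 3, 0: 4}` (name proposed here). Because the new column defaults to 0, every existing list also drops from the previously hard-coded priority 3 to 4 on the next export, which deserves a line in the commit message or a data migration. The enclosing method starts and ends outside the hunk.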
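Review bot: `"priority" : priority` now stores an int where the dictionary previously held the string `"3"` and still holds the string `"1"` for `"rev"`; this applies to all four rule definitions (`sid | 1` through `sid | 4`). The code that serialises these dictionaries is outside the hunks, so whether it tolerates a non-string value cannot be confirmed from here; `"priority" : "%s" % priority` would keep the type unchanged. The emitted rule text also changes for most lists while `"rev"` stays `"1"`, so a consumer that compares sid and rev will not see the rule as updated; consider bumping the revision with this change.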
@@ -90,12 +97,18 @@ class Lists(object): return slug - def create(self, name, created_by, license, description=None): + def create(self, name, created_by, license, description=None, priority=None): """ Creates a new list """ slug = self._make_slug(name) + # Map priority + try: + priority = PRIORITIES[priority] + except KeyError as e: + raise ValueError("Invalid priority: %s" % priority) from e + # Create a new list return self.backend.db.insert( List, @@ -104,6 +117,7 @@ class Lists(object): created_by = created_by, license = license, description = description, + priority = priority, ) @@ -155,6 +169,9 @@ class List(sqlmodel.SQLModel, database.BackendMixin, table=True): # Description description : str + # Priority + priority: int = 0 + # Sources sources : typing.List["Source"] = sqlmodel.Relationship( back_populates="list", diff --git a/src/scripts/dnsbl.in b/src/scripts/dnsbl.in index 94d9a66..5136103 100644 --- a/src/scripts/dnsbl.in +++ b/src/scripts/dnsbl.in @@ -78,6 +78,8 @@ class CLI(object): help=_("The license of the list")) create.add_argument("--description", help=_("The description of the list")) + create.add_argument("--priority", choices=dnsbl.lists.PRIORITIES, + help=_("The priority of this list"), default="INFORMATIONAL") create.set_defaults(func=self.__create) # delete @@ -290,6 +292,7 @@ class CLI(object): created_by = args.created_by, license = args.license, description = args.description, + priority = args.priority, ) def __delete(self, backend, args):
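Review bot: `create()` declares `priority=None` but then looks the value up with `PRIORITIES[priority]`, so any caller that omits the argument gets `ValueError("Invalid priority: None")`. Callers written before this parameter existed now fail unless each is updated the way the CLI is in this commit. The default should be a valid key, `priority="INFORMATIONAL"`, or None should be mapped to 0 before the lookup. The docstring could also state that `priority` is one of the `PRIORITIES` names and that `ValueError` is raised otherwise. The body of `create()` continues into the next hunk.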
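Review bot: `--priority` accepts only the exact upper-case keys of `PRIORITIES`, so `--priority high` is rejected by argparse; adding `type=str.upper` to the `add_argument` call normalises the input before the `choices` check. None of the visible hunks adds a way to change the priority of an existing list, and existing rows default to 0, so an operator may have no supported way to raise a malware or phishing list above Informational. Such a command may exist outside this diff, but if it does not, it is worth adding alongside this option.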