From: Wolfgang Hotwagner <sec@feedyourhead.at>
Date: Sun, 10 Dec 2017 15:03:16 +0000 (+0000)
Subject: config: configurable suricata-conf-parameter
X-Git-Tag: 1.0.0b1~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=abada5cf415ff399bc74651cbeaa8d38937a87f1;p=thirdparty%2Fsuricata-update.git

config: configurable suricata-conf-parameter

This commit adds the command-line-parameter "suricata-conf" and replaces the hard-coded "/etc/suricata/suricata.yaml".

Ticket: Feature #2350

implemented support for multiple default suricata.yaml-files
---

diff --git a/doc/common-options.rst b/doc/common-options.rst
index da1bff7..bd08cf0 100644
--- a/doc/common-options.rst
+++ b/doc/common-options.rst
@@ -22,6 +22,12 @@
 
    Provide more verbose output.
 
+.. option:: --suricata-conf <path>
+
+   Path to the suricata config file.
+
+   Default: */etc/suricata/suricata.yaml*
+
 .. option:: --suricata <path>
 
    The path to the Suricata program. If not provided
diff --git a/suricata/update/config.py b/suricata/update/config.py
index 7aa99ea..dc912e4 100644
--- a/suricata/update/config.py
+++ b/suricata/update/config.py
@@ -43,11 +43,18 @@ OUTPUT_KEY = "output"
 
 DEFAULT_UPDATE_YAML_PATH = "/etc/suricata/update.yaml"
 
+DEFAULT_SURICATA_YAML_PATH = [
+    "/etc/suricata/suricata.yaml",
+    "/usr/local/etc/suricata/suricata.yaml",
+    "/etc/suricata/suricata-debian.yaml"
+]
+
 DEFAULT_CONFIG = {
     "disable-conf": "/etc/suricata/disable.conf",
     "enable-conf": "/etc/suricata/enable.conf",
     "drop-conf": "/etc/suricata/drop.conf",
     "modify-conf": "/etc/suricata/modify.conf",
+    "suricata-conf": "/etc/suricata/suricata.conf",
     "sources": [],
     LOCAL_CONF_KEY: [],
 
@@ -118,6 +125,11 @@ def init(args):
     _args = args
     _config.update(DEFAULT_CONFIG)
 
+    for suriyaml in DEFAULT_SURICATA_YAML_PATH:
+        if os.path.exists(suriyaml):
+            _config["suricata-conf"] = suriyaml
+            break
+
     if args.config:
         logger.info("Loading %s", args.config)
         with open(args.config, "rb") as fileobj:
diff --git a/suricata/update/main.py b/suricata/update/main.py
index 62a68ef..0070d77 100644
--- a/suricata/update/main.py
+++ b/suricata/update/main.py
@@ -937,6 +937,9 @@ def _main():
     global_parser.add_argument(
         "-c", "--config", metavar="<filename>",
         help="configuration file (default: /etc/suricata/update.yaml)")
+    global_parser.add_argument(
+        "--suricata-conf", metavar="<filename>",
+        help="configuration file (default: /etc/suricata/suricata.yaml)")
     global_parser.add_argument(
         "--suricata", metavar="<path>",
         help="Path to Suricata program")
@@ -1197,11 +1200,11 @@ def _main():
         logger.info("Loading %s.", drop_conf_filename)
         drop_filters += load_drop_filters(drop_conf_filename)
 
-    if os.path.exists("/etc/suricata/suricata.yaml") and \
+    if os.path.exists(config.get("suricata-conf")) and \
        suricata_path and os.path.exists(suricata_path):
-        logger.info("Loading /etc/suricata/suricata.yaml")
+        logger.info("Loading %s",config.get("suricata-conf"))
         suriconf = suricata.update.engine.Configuration.load(
-            "/etc/suricata/suricata.yaml", suricata_path=suricata_path)
+            config.get("suricata-conf"), suricata_path=suricata_path)
         for key in suriconf.keys():
             if key.startswith("app-layer.protocols") and \
                key.endswith(".enabled"):