aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2014-02-22 11:16:57 -0500
committerbmeeks8 <bmeeks8@bellsouth.net>2014-02-22 11:16:57 -0500
commitdba0780dfe6de88f84f7c78a64a8f3eb60fecee3 (patch)
tree5234444bd0971569450b175336bad0a7eba93809
parentde040922497c3ff0f1a77451063de25b3b579393 (diff)
downloadpfsense-packages-dba0780dfe6de88f84f7c78a64a8f3eb60fecee3.tar.gz
pfsense-packages-dba0780dfe6de88f84f7c78a64a8f3eb60fecee3.tar.bz2
pfsense-packages-dba0780dfe6de88f84f7c78a64a8f3eb60fecee3.zip
Fix it so all ET-Open rules files get correct prefix.
-rw-r--r--config/suricata/suricata_check_for_rule_updates.php20
1 files changed, 15 insertions, 5 deletions
diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php
index 9aa14f6e..280add7a 100644
--- a/config/suricata/suricata_check_for_rule_updates.php
+++ b/config/suricata/suricata_check_for_rule_updates.php
@@ -431,17 +431,27 @@ if ($emergingthreats == 'on') {
array_map('unlink', glob("{$suricatadir}rules/{$eto_prefix}*ips.txt"));
array_map('unlink', glob("{$suricatadir}rules/{$etpro_prefix}*ips.txt"));
- // The code below renames ET-Pro files with a prefix, so we
+ // The code below renames ET files with a prefix, so we
// skip renaming the Suricata default events rule files
- // that are also bundled in the ET-Pro rules.
+ // that are also bundled in the ET rules.
$default_rules = array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules" );
$files = glob("{$tmpfname}/emerging/rules/*.rules");
+ // Determine the correct prefix to use based on which
+ // Emerging Threats rules package is enabled.
+ if ($etpro == "on")
+ $prefix = ET_PRO_FILE_PREFIX;
+ else
+ $prefix = ET_OPEN_FILE_PREFIX;
foreach ($files as $file) {
$newfile = basename($file);
- if ($etpro == "on" && !in_array($newfile, $default_rules))
- @copy($file, "{$suricatadir}rules/" . ET_PRO_FILE_PREFIX . "{$newfile}");
- else
+ if (in_array($newfile, $default_rules))
@copy($file, "{$suricatadir}rules/{$newfile}");
+ else {
+ if (strpos($newfile, $prefix) === FALSE)
+ @copy($file, "{$suricatadir}rules/{$prefix}{$newfile}");
+ else
+ @copy($file, "{$suricatadir}rules/{$newfile}");
+ }
}
/* IP lists for Emerging Threats rules */
$files = glob("{$tmpfname}/emerging/rules/*ips.txt");