diff options
author | bmeeks8 <bmeeks8@bellsouth.net> | 2014-02-22 11:16:57 -0500 |
---|---|---|
committer | bmeeks8 <bmeeks8@bellsouth.net> | 2014-02-22 11:16:57 -0500 |
commit | dba0780dfe6de88f84f7c78a64a8f3eb60fecee3 (patch) | |
tree | 5234444bd0971569450b175336bad0a7eba93809 /config | |
parent | de040922497c3ff0f1a77451063de25b3b579393 (diff) | |
download | pfsense-packages-dba0780dfe6de88f84f7c78a64a8f3eb60fecee3.tar.gz pfsense-packages-dba0780dfe6de88f84f7c78a64a8f3eb60fecee3.tar.bz2 pfsense-packages-dba0780dfe6de88f84f7c78a64a8f3eb60fecee3.zip |
Fix it so all ET-Open rules files get correct prefix.
Diffstat (limited to 'config')
-rw-r--r-- | config/suricata/suricata_check_for_rule_updates.php | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php index 9aa14f6e..280add7a 100644 --- a/config/suricata/suricata_check_for_rule_updates.php +++ b/config/suricata/suricata_check_for_rule_updates.php @@ -431,17 +431,27 @@ if ($emergingthreats == 'on') { array_map('unlink', glob("{$suricatadir}rules/{$eto_prefix}*ips.txt")); array_map('unlink', glob("{$suricatadir}rules/{$etpro_prefix}*ips.txt")); - // The code below renames ET-Pro files with a prefix, so we + // The code below renames ET files with a prefix, so we // skip renaming the Suricata default events rule files - // that are also bundled in the ET-Pro rules. + // that are also bundled in the ET rules. $default_rules = array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules" ); $files = glob("{$tmpfname}/emerging/rules/*.rules"); + // Determine the correct prefix to use based on which + // Emerging Threats rules package is enabled. + if ($etpro == "on") + $prefix = ET_PRO_FILE_PREFIX; + else + $prefix = ET_OPEN_FILE_PREFIX; foreach ($files as $file) { $newfile = basename($file); - if ($etpro == "on" && !in_array($newfile, $default_rules)) - @copy($file, "{$suricatadir}rules/" . ET_PRO_FILE_PREFIX . "{$newfile}"); - else + if (in_array($newfile, $default_rules)) @copy($file, "{$suricatadir}rules/{$newfile}"); + else { + if (strpos($newfile, $prefix) === FALSE) + @copy($file, "{$suricatadir}rules/{$prefix}{$newfile}"); + else + @copy($file, "{$suricatadir}rules/{$newfile}"); + } } /* IP lists for Emerging Threats rules */ $files = glob("{$tmpfname}/emerging/rules/*ips.txt"); |