IDS/IPS: rule-updater. When there's nothing to download, required (extra) files where removed on update, while here, also make sure that required files are also downloaded when not on disk yet.

ETPro Telemetry uses this to collect its own sids, so we only communicate about alerts actually in this specific set.
Ad Schellevis 2019-07-26 21:36:42 +02:00
parent 43c591c0a9
commit 7a5a573288


@ -76,15 +76,17 @@ if __name__ == '__main__':
if rule['metadata_source'] not in metadata_sources:
metadata_sources[rule['metadata_source']] = 0
if 'url' in rule['source']:
full_path = ('%s/%s' % (rule_source_directory, rule['filename'])).replace('//', '/')
if dl.is_supported(url=rule['source']['url']):
if rule['required'] and metadata_sources[rule['metadata_source']] > 0:
if rule['required']:
# Required files are always sorted last in list_rules(), add required when there's at least one
# file selected from the metadata package.
enabled_rulefiles[rule['filename']] = {'filter': ''}
# file selected from the metadata package or not on disk yet.
if metadata_sources[rule['metadata_source']] > 0 or not os.path.isfile(full_path):
enabled_rulefiles[rule['filename']] = {'filter': ''}
if rule['filename'] not in enabled_rulefiles:
full_path = ('%s/%s' % (rule_source_directory, rule['filename'])).replace('//', '/')
if os.path.isfile(full_path):
os.remove(full_path)
if not rule['required']:
if os.path.isfile(full_path):
os.remove(full_path)
else:
input_filter = enabled_rulefiles[rule['filename']]['filter']
if ('username' in rule['source'] and 'password' in rule['source']):
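Review bot: `full_path` is built by formatting `rule['filename']` into `rule_source_directory` and now feeds both the new `os.path.isfile` check and the `os.remove` call, with nothing in the hunk that keeps the result inside the rules directory. Where the filename originates is outside this hunk, but if it is read from rule metadata files, a value containing `../` would let the cleanup branch delete a file outside the rules directory, and an updater like this presumably runs with elevated privileges. I would resolve the path before using it and skip the entry when it escapes the directory, for example `if not os.path.realpath(full_path).startswith(os.path.realpath(rule_source_directory) + os.sep): continue` (assuming this code sits inside the per-rule loop). The three nested conditions in the removal branch could also be written as one, `if not rule['required'] and os.path.isfile(full_path):`. The enclosing block starts before the hunk and continues after it.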