From de98bb4d2ce43e7e2c8d4c46261784fc0e048e79 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Thu, 19 Nov 2015 15:48:37 +0000
Subject: [PATCH] (IDS) ...and finally, generate rule including action

---
 src/opnsense/scripts/suricata/installRules.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/opnsense/scripts/suricata/installRules.py b/src/opnsense/scripts/suricata/installRules.py
index a5d2d4909..d2fe8bcfb 100755
--- a/src/opnsense/scripts/suricata/installRules.py
+++ b/src/opnsense/scripts/suricata/installRules.py
@@ -74,10 +74,18 @@ if __name__ == '__main__':
 
                 # generate altered rule
                 if 'enabled' in rule_updates[rule_info_record['metadata']['sid']]:
+                    # enabled / disabled in configuration
                     if (rule_updates[rule_info_record['metadata']['sid']]['enabled']) == '0':
                         rule = ('#%s' % rule[i:])
                     else:
                         rule = rule[i:]
+                if 'action' in rule_updates[rule_info_record['metadata']['sid']]:
+                    # (new) action in configuration
+                    new_action = rule_updates[rule_info_record['metadata']['sid']]['action']
+                    if rule[0] == '#':
+                        rule = '#%s %s' % (new_action, ' '.join(rule.split(' ')[1:]))
+                    else:
+                        rule = '%s %s' % (new_action, ' '.join(rule.split(' ')[1:]))
 
             output_data.append(rule)