From mboxrd@z Thu Jan 1 00:00:00 1970
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] ids-functions.pl: Introduce file for local rules.
Date: Wed, 22 Jan 2020 14:40:34 +0100
Message-ID: <20200122134034.2729-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2270846495988471113=="
List-Id: <development.lists.ipfire.org>

--===============2270846495988471113==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This file is to be used, to store customized IDS rules.

Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
 config/cfgroot/ids-functions.pl | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 3fa19fab7..3cfe837db 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -67,6 +67,9 @@ our $ids_page_lock_file =3D "/tmp/ids_page_locked";
 # Location where the rulefiles are stored.
 our $rulespath =3D "/var/lib/suricata";
=20
+# Location to store local rules. This file will not be touched.
+our $local_rules_file =3D "$rulespath/local.rules";
+
 # File which contains the rules to whitelist addresses on suricata.
 our $whitelist_file =3D "$rulespath/whitelist.rules";
=20
@@ -581,6 +584,9 @@ sub _cleanup_rulesdir() {
 # Skip rules file for whitelisted hosts.
 next if ("$rulespath/$file" eq $whitelist_file);
=20
+ # Skip rules file with local rules.
+ next if ("$rulespath/$file" eq $local_rules_file);
+
 # Delete the current processed file, if not, exit this function
 # and return an error message.
 unlink("$rulespath/$file") or return "Could not delete $rulespath/$file. $= !\n";
--=20
2.25.0.rc0

--===============2270846495988471113==--
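Review bot: The comment on `$local_rules_file` says the file "will not be touched" without saying by what, and the only protection visible in this patch is the skip added to `_cleanup_rulesdir()` in the second hunk. I would word it as `# File for user-maintained local rules. _cleanup_rulesdir() skips it when clearing $rulespath.` so the stated guarantee matches the code. Nothing in the visible hunks creates the file or adds it to the rule files Suricata loads. If that is not handled elsewhere, custom rules stored here would presumably be preserved but never applied, which is worth confirming before operators rely on them for detection.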
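Review bot: The added `next if` protects local.rules only from the `unlink` in this loop, yet the file still lives in `$rulespath` beside the files this function deletes. Any other code that writes into that directory (presumably ruleset extraction, which is outside this hunk) should likewise refuse to create or overwrite a file with that name. As a style point, the exemptions are now two copy-pasted string comparisons. A lookup built once before the loop, `my %keep = map { $_ => 1 } ($whitelist_file, $local_rules_file);` with `next if $keep{"$rulespath/$file"};`, would keep the protected set in one place. The body of `_cleanup_rulesdir()` starts and ends outside the hunk, so the placement of `%keep` needs checking against the full function.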