This function generates a YAML file that reflects the currently used DNS configuration and that should be included in the main suricata config file.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org --- config/cfgroot/ids-functions.pl | 62 +++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+)
diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 94de1373c..54d86f70f 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -34,6 +34,9 @@ our $used_rulefiles_file = "$settingsdir/suricata-used-rulefiles.yaml";
 # File where the addresses of the homenet are stored.
 our $homenet_file = "$settingsdir/suricata-homenet.yaml";
+# File where the addresses of the used DNS servers are stored.
+our $dns_servers_file = "$settingsdir/suricata-dns-servers.yaml";
+
 # File which contains the enabled sids.
 our $enabled_sids_file = "$settingsdir/oinkmaster-enabled-sids.conf";
@@ -695,6 +698,65 @@ sub generate_home_net_file() {
 close(FILE);
 }
+#
+# Function to generate and write the file which contains the configured and used DNS servers.
+#
+sub generate_dns_servers_file() {
+ # Open file which contains the current used DNS configuration.
+ open (FILE, "${General::swroot}/red/dns") or die "Could not read DNS configuration from ${General::swroot}/red/dns. $!\n";
+
+ # Read-in whole file content and store it in a temporary array.
+ my @file_content = <FILE>;
+
+ # Close file handle.
+ close(FILE);
+
+ # Format dns servers declaration.
+ my $line = ""[";
+
+ # Loop through the array which contains the file content.
+ foreach my $server (@file_content) {
+ # Remove newlines.
+ chomp($server);
+
+ # Check if the current DNS configuration is using the local recursor mode.
+ if ($server eq "local recursor") {
+ # The responsible DNS servers on red are directly used, and because we are not able
+ # to specify each single DNS server address here, we currently have to thread each
+ # address which is not part of the HOME_NET as possible DNS server.
+ $line = "$line" . "!$HOME_NET";
+ } else {
+ # Add the DNS server to the line.
+ $line = "$line" . "$server";
+ }
+
+ # Check if the current DNS server was the last in the array.
+ if ($server eq $file_content[-1]) {
+ # Close the line.
+ $line = "$line" . "]"";
+ } else {
+ # Add "," for the next DNS server.
+ $line = "$line" . ",";
+ }
+ }
+
+ # Open file to store the used DNS server addresses.
+ open(FILE, ">$dns_servers_file") or die "Could not open $dns_servers_file. $!\n";
+
+ # Print yaml header.
+ print FILE "%YAML 1.1\n";
+ print FILE "---\n\n";
+
+ # Print notice about autogenerated file.
+ print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
+
+ # Print the generated DNS declaration to the file.
+ print FILE "DNS_SERVERS:\t$line\n";
+
+ # Close file handle.
+ close(FILE);
+}
+
 #
 ## Function to generate and write the file for used rulefiles.
 #
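Review bot: `$line = "$line" . "!$HOME_NET";` interpolates a Perl variable named `$HOME_NET` inside double quotes, so unless the module declares one elsewhere (nothing in this hunk does) `use strict` rejects it, and without strict the emitted list becomes `"[!]"` instead of the literal suricata variable reference; write it as `$line .= '!$HOME_NET';` (or `"!\$HOME_NET"`). The same escaping question applies to `my $line = ""[";` and `. "]"";`, which are not valid Perl as rendered here — presumably `"\"["` and `"]\""` lost their backslashes in rendering, worth confirming in the actual file. The end-of-list test `if ($server eq $file_content[-1])` compares values rather than positions, so an empty `red/dns` leaves the list unterminated, a blank line yields an empty element, and a duplicated final entry can close the list early; iterating with `for my $i (0 .. $#file_content)` and skipping empty lines avoids all three. Since each entry is copied verbatim into a config file suricata parses, validating it against an address check such as `General::validip` (if the module provides it) before emitting it would be prudent, and both `open` calls would be better as three-arg opens on lexical handles.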