This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 16cd2d674ef253f1882bf6793281a3eaa9c0aca4 (commit) via 41fda6cd14ef9c0a72910d296fc7399298125fa3 (commit) from 12cd38896795836c3f4e2c8a661b2c36d444d89a (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 16cd2d674ef253f1882bf6793281a3eaa9c0aca4 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Mar 14 15:56:40 2022 +0000
core165: Rebuild IPS rules
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 41fda6cd14ef9c0a72910d296fc7399298125fa3 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sun Mar 13 20:27:25 2022 +0100
ids-functions.pl: Do not longer extract all rulefiles in archive.
Only extract rulefiles which are located in a rules directory and/or in the archive root.
This prevents us from extracting experimental or binary rules etc. which often are located in corresponding sub-directories.
Reference: #12794.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/cfgroot/ids-functions.pl | 3 +++ config/rootfiles/core/165/update.sh | 4 ++++ 2 files changed, 7 insertions(+)
Difference in files: diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl index 468efc668..c4edd968d 100644 --- a/config/cfgroot/ids-functions.pl +++ b/config/cfgroot/ids-functions.pl @@ -544,6 +544,9 @@ sub extractruleset ($) {
# Handle rules files. } elsif ($file =~ m/.rules$/) { + # Skip rule files which are not located in the rules directory or archive root. + next unless(($packed_file =~ /^rules//) || ($packed_file !~ ///)); + my $rulesfilename;
# Splitt the filename into chunks. diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh index f505628e4..9598a3a14 100644 --- a/config/rootfiles/core/165/update.sh +++ b/config/rootfiles/core/165/update.sh @@ -129,6 +129,10 @@ ldconfig telinit u /etc/rc.d/init.d/firewall restart
+# Rebuild IPS rules +perl -e "require '/var/ipfire/ids-functions.pl'; &IDS::oinkmaster();" +/etc/init.d/suricata reload + # This update needs a reboot... touch /var/run/need_reboot
hooks/post-receive -- IPFire 2.x development tree