Signed-off-by: Stefan Schantl <[email protected]>
---
html/cgi-bin/logs.cgi/ids.dat | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
index deebced21..ef224e3e6 100644
--- a/html/cgi-bin/logs.cgi/ids.dat
+++ b/html/cgi-bin/logs.cgi/ids.dat
@@ -22,6 +22,7 @@ use strict;
my $report_generator_binary = "/usr/bin/suricata-report-generator";
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/ids-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
@@ -389,21 +390,26 @@ print <<END
<td valign='top'>
END
;
- if ($sid eq "n/a") {
- print $sid;
- } elsif ($sid < 1000000) {
- # Link to sourcefire if the the rule sid is less than 1000000.
- print "<a href='https://www.snort.org/rule_docs/1-$sid' ";
- print "target='_blank'>$sid</a></td>\n";
- } elsif ($sid >= 2000000 and $sid < 3000000) {
- # Link to emergingthreats if the rule sid is between 2000000
and 3000000.
- print "<a href='https://threatintel.proofpoint.com/sid/$sid' ";
- print "target='_blank'>$sid</a></td>\n";
+
+ # Check if an valid sid has been found.
+ if ($sid ne "n/a") {
+ # Try to get the info url for the sid.
+ my $info_url = &IDS::get_sid_info_url($sid);
+
+ # Check if an url has been obtained.
+ if ($info_url) {
+ print "<a href='$info_url' ";
+ print "target='_blank'>$sid</a>\n";
+ } else {
+ # No external link available.
+ print $sid;
+ }
} else {
# No external link for user defined rules
print $sid;
}
print <<END
+</td>
</tr>
</table><br>
</td></tr>
--
2.47.3
