Loading rules from config support

16 years ago · a67bd2457b
parent 3233888c65
commit a67bd2457b
4 changed files with 24 additions and 11 deletions
--- a/src/detect.c
+++ b/src/detect.c
@ -208,9 +208,15 @@ int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file) {
    Signature *sig = NULL;
    int good = 0, bad = 0;

+    if (sig_file == NULL) {
+        SCLogError(SC_INVALID_ARGUMENT, "ERROR opening rule file null.");
+        return -1;
+    }
+
    FILE *fp = fopen(sig_file, "r");
    if (fp == NULL) {
-        printf("ERROR, could not open sigs file\n");
+        SCLogError(SC_ERR_OPENING_RULE_FILE, "ERROR opening rule file %s."
+                   " Check the path and perms.", sig_file);
        return -1;
    }
    char line[8192] = "";
@ -243,6 +249,7 @@ int SigLoadSignatures (DetectEngineCtx *de_ctx, char *sig_file)
    Signature *prevsig = NULL, *sig;
    ConfNode *rule_files;
    ConfNode *file = NULL;
+    int ret = 0;
    int r = 0;
    int cnt = 0;
    int cntf = 0;
@ -284,11 +291,11 @@ int SigLoadSignatures (DetectEngineCtx *de_ctx, char *sig_file)
            sfile = DetectLoadCompleteSigPath(file->val);
            SCLogInfo("Loading rule file: %s", sfile);
            r = DetectLoadSigFile(de_ctx, sfile);
+            cntf++;
            if (r > 0) {
                cnt += r;
-                cntf++;
-            } else {
-                SCLogInfo("Problems loading rule file: %s", sfile);
+            } else if (r == 0){
+                SCLogError(SC_ERR_NO_RULES, "No rules loaded from %s", sfile);
            }
            free(sfile);
        }
@ -298,18 +305,18 @@ int SigLoadSignatures (DetectEngineCtx *de_ctx, char *sig_file)
    if (sig_file != NULL) {
        SCLogInfo("Loading rule file: %s", sig_file);
        r = DetectLoadSigFile(de_ctx, sig_file);
+        cntf++;
        if (r > 0) {
            cnt += r;
-            cntf++;
-        } else {
-            SCLogInfo("Problems loading rule file: %s", sig_file);
+        } else if (r == 0) {
+            SCLogError(SC_ERR_NO_RULES, "No rules loaded from %s", sig_file);
        }
    }

    /* now we should have signatures to work with */
    if (cnt <= 0) {
-        SCLogInfo("No rule file loaded!");
-        return -1;
+        SCLogError(SC_ERR_NO_RULES_LOADED, "%d rule files specified, but no rule was loaded at all!", cntf);
+        ret = -1;
    } else {
        SCLogInfo("%d rules loaded from %d files.", cnt, cntf);
    }
--- a/src/eidps.c
+++ b/src/eidps.c
@ -585,8 +585,7 @@ int main(int argc, char **argv)
    LogFileCtx *au2a_logfile_ctx = Unified2AlertInitCtx(NULL);

    if (SigLoadSignatures(de_ctx, sig_file) < 0) {
-        printf("ERROR: loading signatures failed.\n");
-        exit(EXIT_FAILURE);
+        SCLogError(SC_ERR_NO_RULES_LOADED, "Loading signatures failed.\n");
    }

    struct timeval start_time;
--- a/src/util-error.c
+++ b/src/util-error.c
@ -25,6 +25,10 @@ const char * SCErrorToString(SCError err)
        CASE_CODE (SC_PCRE_PARSE_FAILED);
        CASE_CODE (SC_LOG_MODULE_NOT_INIT);
        CASE_CODE (SC_LOG_FG_FILTER_MATCH_FAILED);
+        CASE_CODE (SC_ERR_OPENING_FILE);
+        CASE_CODE (SC_ERR_OPENING_RULE_FILE);
+        CASE_CODE (SC_ERR_NO_RULES);
+        CASE_CODE (SC_ERR_NO_RULES_LOADED);
        CASE_CODE (SC_COUNTER_EXCEEDED);
        CASE_CODE (SC_INVALID_CHECKSUM);
        CASE_CODE (SC_SPRINTF_ERROR);
--- a/src/util-error.h
+++ b/src/util-error.h
@ -28,6 +28,9 @@ typedef enum {
    SC_INVALID_IPV6_ADDR,
    SC_ERR_INVALID_SIGNATURE,
    SC_ERR_OPENING_FILE,
+    SC_ERR_OPENING_RULE_FILE,
+    SC_ERR_NO_RULES,
+    SC_ERR_NO_RULES_LOADED,
    SC_ERR_FOPEN,
    SC_INITIALIZATION_ERROR,
    SC_THREAD_SPAWN_FAILED,