diff options
| -rw-r--r-- | data/templates/ids/suricata.j2 | 4 | ||||
| -rwxr-xr-x | src/conf_mode/service_suricata.py | 18 |
2 files changed, 11 insertions, 11 deletions
diff --git a/data/templates/ids/suricata.j2 b/data/templates/ids/suricata.j2 index 1bd90b67f..585db93eb 100644 --- a/data/templates/ids/suricata.j2 +++ b/data/templates/ids/suricata.j2 @@ -15,12 +15,12 @@ vars: # more specific is better for alert accuracy and performance address-groups: -{% for (name, value) in suricata['address-group'] %} +{% for (name, value) in suricata['address_group'] %} {{ name }}: "[{{ value | join(',') }}]" {% endfor %} port-groups: -{% for (name, value) in suricata['port-group'] %} +{% for (name, value) in suricata['port_group'] %} {{ name }}: "[{{ value | join(',') }}]" {% endfor %} diff --git a/src/conf_mode/service_suricata.py b/src/conf_mode/service_suricata.py index 06d68a637..69b369e0b 100755 --- a/src/conf_mode/service_suricata.py +++ b/src/conf_mode/service_suricata.py @@ -39,7 +39,7 @@ def get_config(config=None): if not conf.exists(base): return None - suricata = conf.get_config_dict(base, + suricata = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True, with_recursive_defaults=True) return suricata @@ -81,19 +81,19 @@ def verify(suricata): if 'interface' not in suricata: raise ConfigError('No interfaces configured!') - if 'address-group' not in suricata: + if 'address_group' not in suricata: raise ConfigError('No address-group configured!') - if 'port-group' not in suricata: + if 'port_group' not in suricata: raise ConfigError('No port-group configured!') try: - topological_sort(suricata['address-group']) + topological_sort(suricata['address_group']) except (ConfigError,StopIteration) as e: raise ConfigError(f'Invalid address-group: {e}') try: - topological_sort(suricata['port-group']) + topological_sort(suricata['port_group']) except (ConfigError,StopIteration) as e: raise ConfigError(f'Invalid port-group: {e}') @@ -126,12 +126,12 @@ def generate(suricata): return format_group # Format the address group - suricata['address-group'] = map(to_config('address'), - topological_sort(suricata['address-group'])) + suricata['address_group'] = map(to_config('address'), + topological_sort(suricata['address_group'])) # Format the port group - suricata['port-group'] = map(to_config('port'), - topological_sort(suricata['port-group'])) + suricata['port_group'] = map(to_config('port'), + topological_sort(suricata['port_group'])) render(config_file, 'ids/suricata.j2', {'suricata': suricata}) render(rotate_file, 'ids/suricata_logrotate.j2', suricata) |