{%- from 'vars/globals.map.jinja' import GLOBALS %}
{%- import_yaml 'idstools/defaults.yaml' as IDSTOOLSDEFAULTS %}
{%- set IDSTOOLSMERGED = salt['pillar.get']('idstools', IDSTOOLSDEFAULTS.idstools, merge=True) %}
{%- if GLOBALS.airgap is sameas true -%}
--merged=/opt/so/rules/nids/all.rules
--local=/opt/so/rules/nids/local.rules
{%-   if GLOBAL.md_engine == "SURICATA" %}
--local=/opt/so/rules/nids/sorules/extraction.rules
--local=/opt/so/rules/nids/sorules/filters.rules
{%-   endif %}
--url=http://{{ GLOBALS.manager }}:7788/rules/emerging-all.rules
--disable=/opt/so/idstools/etc/disable.conf
--enable=/opt/so/idstools/etc/enable.conf
--modify=/opt/so/idstools/etc/modify.conf
{%- else -%}
--suricata-version=6.0
--merged=/opt/so/rules/nids/all.rules
--local=/opt/so/rules/nids/local.rules
{%-   if GLOBALS.md_engine == "SURICATA" %}
--local=/opt/so/rules/nids/sorules/extraction.rules
--local=/opt/so/rules/nids/sorules/filters.rules
{%-   endif %}
--disable=/opt/so/idstools/etc/disable.conf
--enable=/opt/so/idstools/etc/enable.conf
--modify=/opt/so/idstools/etc/modify.conf
{%-   if IDSTOOLSMERGED.config.ruleset == 'ETOPEN' %}
--etopen
{%-   elif IDSTOOLSMERGED.config.ruleset == 'ETPRO' %}
--etpro={{ IDSTOOLSMERGED.config.oinkcode }}
{%-   elif IDSTOOLSMERGED.config.ruleset == 'TALOS' %}
--url=https://www.snort.org/rules/snortrules-snapshot-2983.tar.gz?oinkcode={{ IDSTOOLSMERGED.config.oinkcode }}
{%-   endif %}
{%- endif %}
{%- if IDSTOOLSMERGED.config.urls | length > 0 %}
{%-   for URL in IDSTOOLSMERGED.config.urls %}
--url={{ URL }}
{%-   endfor %}
{%- endif %}