authorbmeeks8 <bmeeks8@bellsouth.net>2014-04-15 11:00:33 -0400
committerErmal <eri@pfsense.org>2014-04-28 08:03:37 +0000
commit311be16b46ce02624d0a049e6c384c53ad7d5e3c (patch)
treec48d8bcd9310cace64dc66a87f075808cedfd259
parent34cf98243eeedc0e697f20f0caff04ed73e3bd66 (diff)
Add check to prevent duplicate IP list files on an interface.
-rw-r--r--config/snort/snort_ip_reputation.php42
1 files changed, 31 insertions, 11 deletions
diff --git a/config/snort/snort_ip_reputation.php b/config/snort/snort_ip_reputation.php
index a59021db..6ed78bba 100644
--- a/config/snort/snort_ip_reputation.php
+++ b/config/snort/snort_ip_reputation.php
@@ -75,13 +75,23 @@ if ($_POST['mode'] == 'blist_add' && isset($_POST['iplist'])) {
// Test the supplied IP List file to see if it exists
if (file_exists($_POST['iplist'])) {
- $a_nat[$id]['blist_files']['item'][] = basename($_POST['iplist']);
- write_config();
- $pconfig['blist_files'] = $a_nat[$id]['blist_files'];
- $pconfig['wlist_files'] = $a_nat[$id]['wlist_files'];
+ // See if the file is already assigned to the interface
+ foreach ($a_nat[$id]['blist_files']['item'] as $f) {
+ if ($f == basename($_POST['iplist'])) {
+ $input_errors[] = gettext("The file {$f} is already assigned as a blacklist file.");
+ break;
+ }
+ }
+ if (!$input_errors) {
+ $a_nat[$id]['blist_files']['item'][] = basename($_POST['iplist']);
+ write_config("Snort pkg: added new blacklist file for IP REPUTATION preprocessor.");
+ }
}
else
$input_errors[] = gettext("The file '{$_POST['iplist']}' could not be found.");
+
+ $pconfig['blist_files'] = $a_nat[$id]['blist_files'];
+ $pconfig['wlist_files'] = $a_nat[$id]['wlist_files'];
}
if ($_POST['mode'] == 'wlist_add' && isset($_POST['iplist'])) {
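Review bot: The existence test and the value that gets stored refer to different things: `file_exists($_POST['iplist'])` checks the full path taken from the request, while the new duplicate check and the assignment use only `basename($_POST['iplist'])`. A path outside the IP list directory can therefore pass the test and leave a bare file name in the config that may not exist where Snort presumably looks for it. I would test the same thing that is stored, e.g. `file_exists("<IP list directory>/" . basename($_POST['iplist']))`, with the placeholder replaced by whatever directory constant the file already uses. The same applies to the `wlist_add` branch in the next hunk, and the "could not be found" message puts the raw request value into `$input_errors`, so it is worth confirming that the error renderer HTML-escapes it. The `blist_add` block opens above this hunk.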
@@ -89,19 +99,29 @@ if ($_POST['mode'] == 'wlist_add' && isset($_POST['iplist'])) {
// Test the supplied IP List file to see if it exists
if (file_exists($_POST['iplist'])) {
- $a_nat[$id]['wlist_files']['item'][] = basename($_POST['iplist']);
- write_config();
- $pconfig['wlist_files'] = $a_nat[$id]['wlist_files'];
- $pconfig['blist_files'] = $a_nat[$id]['blist_files'];
+ // See if the file is already assigned to the interface
+ foreach ($a_nat[$id]['wlist_files']['item'] as $f) {
+ if ($f == basename($_POST['iplist'])) {
+ $input_errors[] = gettext("The file {$f} is already assigned as a whitelist file.");
+ break;
+ }
+ }
+ if (!$input_errors) {
+ $a_nat[$id]['wlist_files']['item'][] = basename($_POST['iplist']);
+ write_config("Snort pkg: added new whitelist file for IP REPUTATION preprocessor.");
+ }
}
else
$input_errors[] = gettext("The file '{$_POST['iplist']}' could not be found.");
+
+ $pconfig['blist_files'] = $a_nat[$id]['blist_files'];
+ $pconfig['wlist_files'] = $a_nat[$id]['wlist_files'];
}
if ($_POST['blist_del'] && is_numericint($_POST['list_id'])) {
$pconfig = $_POST;
unset($a_nat[$id]['blist_files']['item'][$_POST['list_id']]);
- write_config();
+ write_config("Snort pkg: deleted blacklist file for IP REPUTATION preprocessor.");
$pconfig['blist_files'] = $a_nat[$id]['blist_files'];
$pconfig['wlist_files'] = $a_nat[$id]['wlist_files'];
}
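Review bot: `foreach ($a_nat[$id]['wlist_files']['item'] as $f)` emits a PHP warning when the interface has no whitelist entries yet, unless code outside this hunk guarantees that `['item']` is an array; the `blist_files` loop in the first hunk has the same exposure. Both loops can be replaced by a guarded strict lookup such as `if (is_array($a_nat[$id]['wlist_files']['item']) && in_array(basename($_POST['iplist']), $a_nat[$id]['wlist_files']['item'], true))`, which also drops the loose `==` comparison. Separately, `if (!$input_errors)` skips the add whenever any earlier error is present, not only a duplicate, so a short comment like `// only add when no validation error was raised above` would make the intent clear.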
@@ -109,7 +129,7 @@ if ($_POST['blist_del'] && is_numericint($_POST['list_id'])) {
if ($_POST['wlist_del'] && is_numericint($_POST['list_id'])) {
$pconfig = $_POST;
unset($a_nat[$id]['wlist_files']['item'][$_POST['list_id']]);
- write_config();
+ write_config("Snort pkg: deleted whitelist file for IP REPUTATION preprocessor.");
$pconfig['wlist_files'] = $a_nat[$id]['wlist_files'];
$pconfig['blist_files'] = $a_nat[$id]['blist_files'];
}
@@ -134,7 +154,7 @@ if ($_POST['save']) {
$a_nat[$id] = $natent;
- write_config();
+ write_config("Snort pkg: modified IP REPUTATION preprocessor settings for {$a_nat[$id]['interface']}.");
// Update the snort conf file for this interface
$rebuild_rules = false;