diff options
author | bmeeks8 <bmeeks8@bellsouth.net> | 2014-01-13 10:51:45 -0500 |
---|---|---|
committer | bmeeks8 <bmeeks8@bellsouth.net> | 2014-01-13 10:51:45 -0500 |
commit | af4460ff3f18dff763e0a493ac71be37dd814435 (patch) | |
tree | 357bc9cf44654cf1ac366e9244f28d2b8a014b9f /config/snort/snort.inc | |
parent | 8e3a6c43552fa36df9dd19a0dd0db312add43d11 (diff) | |
download | pfsense-packages-af4460ff3f18dff763e0a493ac71be37dd814435.tar.gz pfsense-packages-af4460ff3f18dff763e0a493ac71be37dd814435.tar.bz2 pfsense-packages-af4460ff3f18dff763e0a493ac71be37dd814435.zip |
Incorporate Ermal's comments -- use conf_mount_rw() only where needed.
Diffstat (limited to 'config/snort/snort.inc')
-rwxr-xr-x | config/snort/snort.inc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 91298838..52aaed2a 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -2520,6 +2520,8 @@ function snort_generate_conf($snortcfg) { if (!is_array($config['installedpackages']['snortglobal']['rule'])) return; + conf_mount_rw(); + /* See if we should protect and not modify the preprocessor rules files */ if (!empty($snortcfg['protect_preproc_rules'])) $protect_preproc_rules = $snortcfg['protect_preproc_rules']; @@ -3767,10 +3769,12 @@ EOD; $conf = fopen("{$snortcfgdir}/snort.conf", "w"); if(!$conf) { log_error("Could not open {$snortcfgdir}/snort.conf for writing."); + conf_mount_ro(); return -1; } fwrite($conf, $snort_conf_text); fclose($conf); + conf_mount_ro(); unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type); unset($home_net, $external_net, $ipvardef, $portvardef); } |