diff options
author | Ermal <eri@pfsense.org> | 2012-07-16 08:43:35 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-07-16 08:43:35 +0000 |
commit | a42356458f46215de8718088c2f9143294532bca (patch) | |
tree | bfa23cabeff8db13f8e2788f9f6fc8d490f87fb5 /config/snort/snort_blocked.php | |
parent | 39e483f9ac54ffd15db993d9bea675879e8f5f8b (diff) | |
download | pfsense-packages-a42356458f46215de8718088c2f9143294532bca.tar.gz pfsense-packages-a42356458f46215de8718088c2f9143294532bca.tar.bz2 pfsense-packages-a42356458f46215de8718088c2f9143294532bca.zip |
Force use of aliases from pfSense for replacing snort var settings. Also make snort var settings generic and overridable in all of its definitions
Diffstat (limited to 'config/snort/snort_blocked.php')
-rw-r--r-- | config/snort/snort_blocked.php | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php index 70838ed8..b88b85e9 100644 --- a/config/snort/snort_blocked.php +++ b/config/snort/snort_blocked.php @@ -203,10 +203,6 @@ if ($pconfig['brefresh'] == 'on') </tr> <?php /* set the arrays */ - $blocked_ips = ""; - exec('/sbin/pfctl -t snort2c -T show', $blocked_ips); - $blocked_ips_array = array(); - if (!empty($blocked_ips)) { $blocked_ips_array = array(); if (is_array($blocked_ips)) { foreach ($blocked_ips as $blocked_ip) { @@ -215,6 +211,8 @@ if ($pconfig['brefresh'] == 'on') $blocked_ips_array[] = trim($blocked_ip, " \n\t"); } } + $blocked_ips_array = snort_get_blocked_ips(); + if (!empty($blocked_ips_array)) { $tmpblocked = array_flip($blocked_ips_array); $src_ip_list = array(); foreach (glob("/var/log/snort/*/alert") as $alertfile) { @@ -230,12 +228,12 @@ if ($pconfig['brefresh'] == 'on') if (isset($tmpblocked[$fields[6]])) { if (!is_array($src_ip_list[$fields[6]])) $src_ip_list[$fields[6]] = array(); - $src_ip_list[$fields[6]][] = "{$fields[4]} - " . substr($fields[0], 0, -8); + $src_ip_list[$fields[6]][$fields[4]] = "{$fields[4]} - " . substr($fields[0], 0, -8); } if (isset($tmpblocked[$fields[8]])) { if (!is_array($src_ip_list[$fields[8]])) $src_ip_list[$fields[8]] = array(); - $src_ip_list[$fields[8]][] = "{$fields[4]} - " . substr($fields[0], 0, -8); + $src_ip_list[$fields[8]][$fields[4]] = "{$fields[4]} - " . substr($fields[0], 0, -8); } } fclose($fd); |