diff options
| author | bmeeks8 <bmeeks8@bellsouth.net> | 2014-09-09 14:12:10 -0400 |
|---|---|---|
| committer | bmeeks8 <bmeeks8@bellsouth.net> | 2014-09-09 14:12:10 -0400 |
| commit | c389696337b68378965716fb75b9f15cf4fdc17b (patch) | |
| tree | 47144b312dd0afbe37eb8c3b1a221b51e74ac651 /config/snort/snort_post_install.php | |
| parent | d13557cd988c17b2eaddb6611b315244dd3865a3 (diff) | |
| download | pfsense-packages-c389696337b68378965716fb75b9f15cf4fdc17b.tar.gz pfsense-packages-c389696337b68378965716fb75b9f15cf4fdc17b.tar.bz2 pfsense-packages-c389696337b68378965716fb75b9f15cf4fdc17b.zip | |
Fix duplicate UUID when cloning a Snort interface.
Diffstat (limited to 'config/snort/snort_post_install.php')
| -rw-r--r-- | config/snort/snort_post_install.php | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php index c1be72cc..0650d187 100644 --- a/config/snort/snort_post_install.php +++ b/config/snort/snort_post_install.php @@ -45,6 +45,7 @@ require_once("/usr/local/pkg/snort/snort.inc"); global $config, $g, $rebuild_rules, $pkg_interface, $snort_gui_include; $snortdir = SNORTDIR; +$snortlogdir = SNORTLOGDIR; $snortlibdir = SNORTLIBDIR; $rcdir = RCFILEPREFIX; @@ -114,6 +115,41 @@ $snort_widget_container = "snort_alerts-container:col2:close"; if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') { log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings...")); update_status(gettext("Saved settings detected...")); + + /****************************************************************/ + /* Do test and fix for duplicate UUIDs if this install was */ + /* impacted by the DUP (clone) bug that generated a duplicate */ + /* UUID for the cloned interface. */ + /****************************************************************/ + if (count($config['installedpackages']['snortglobal']['rule']) > 0) { + $uuids = array(); + $snortconf = &$config['installedpackages']['snortglobal']['rule']; + foreach ($snortconf as &$snortcfg) { + // Check for and fix a duplicate UUID + $if_real = get_real_interface($snortcfg['interface']); + if (!isset($uuids[$snortcfg['uuid']])) { + $uuids[$snortcfg['uuid']] = $if_real; + continue; + } + else { + // Found a duplicate UUID, so generate a + // new one for the affected interface. + $old_uuid = $snortcfg['uuid']; + $new_uuid = snort_generate_id(); + if (file_exists("{$snortlogdir}snort_{$if_real}{$old_uuid}/")) + @rename("{$snortlogdir}snort_{$if_real}{$old_uuid}/", "{$snortlogdir}snort_{$if_real}{$new_uuid}/"); + $snortcfg['uuid'] = $new_uuid; + $uuids[$new_uuid] = $if_real; + log_error(gettext("[Snort] updated UUID for interface " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . " from {$old_uuid} to {$new_uuid}.")); + } + } + write_config("Snort pkg: updated interface UUIDs to eliminate duplicates."); + unset($uuids, $rulesets); + } + /****************************************************************/ + /* End of duplicate UUID bug fix. */ + /****************************************************************/ + /* Do one-time settings migration for new multi-engine configurations */ update_output_window(gettext("Please wait... migrating settings to new configuration...")); include('/usr/local/pkg/snort/snort_migrate_config.php'); |