diff options
author | Ermal <eri@pfsense.org> | 2013-01-21 11:35:11 +0100 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-01-21 11:35:11 +0100 |
commit | d3bc44b626de35494ee73682591367329516d5d6 (patch) | |
tree | ffca90daf11cf8421582fa726638aa08c8821c6c /config/snort | |
parent | 9364ae8d30859823ef560ab90eb25b6947467ecf (diff) | |
download | pfsense-packages-d3bc44b626de35494ee73682591367329516d5d6.tar.gz pfsense-packages-d3bc44b626de35494ee73682591367329516d5d6.tar.bz2 pfsense-packages-d3bc44b626de35494ee73682591367329516d5d6.zip |
Unset some vars to free memory and some more small corrections
Diffstat (limited to 'config/snort')
-rwxr-xr-x | config/snort/snort.inc | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index ae0ac8cc..d7db399e 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -722,7 +722,7 @@ function sync_snort_package_config() { conf_mount_ro(); } -function build_sid_msg_map($rules_path, $sid_file) { +function snort_build_sid_msg_map($rules_path, $sid_file) { /*************************************************************/ /* This function reads all the rules file in the passed */ @@ -1267,8 +1267,8 @@ function snort_write_flowbit_rules_file(&$flowbit_rules, $rule_file) { @fwrite($fp, "# of the rule to the Suppression List for the interface.\n"); foreach ($flowbit_rules as $k1 => $rule) { foreach ($rule as $k2 => $rule2) { - @fwrite($fp, "\n# Category: " . $rule2['category']); - @fwrite($fp, " GID:" . $k1 . " SID:" . $k2 . "\n"); + @fwrite($fp, "\n# Category: {$rule2['category']}"); + @fwrite($fp, " GID:{$k1} SID:{$k2}\n"); @fwrite($fp, $rule2['rule']); } } @@ -2175,11 +2175,13 @@ EOD; snort_write_enforcing_rules_file($enabled_rules, "{$snortcfgdir}/rules/{$snort_enforcing_rules_file}"); if (file_exists("{$snortcfgdir}/rules/{$snort_enforcing_rules_file}")) $selected_rules_sections = "include \$RULE_PATH/{$snort_enforcing_rules_file}\n"; + unset($enabled_rules); /* If auto-flowbit resolution is enabled, generate the dependent flowbits rules file. */ if ($snortcfg['autoflowbitrules'] == 'on') { $enabled_files[] = "{$snortcfgdir}/rules/{$snort_enforcing_rules_file}"; snort_write_flowbit_rules_file(snort_resolve_flowbits($enabled_files), "{$snortcfgdir}/rules/{$flowbit_rules_file}"); + unset($enabled_files); } /* If we have the depedent flowbits rules file, then include it. */ @@ -2195,7 +2197,7 @@ EOD; /* Build a new sid-msg.map file from the enabled */ /* rules and copy it to the interface directory. */ - build_sid_msg_map("{$snortcfgdir}/rules/", "{$snortcfgdir}/sid-msg.map"); + snort_build_sid_msg_map("{$snortcfgdir}/rules/", "{$snortcfgdir}/sid-msg.map"); $cksumcheck = "all"; if ($snortcfg['cksumcheck'] == 'on') @@ -2292,6 +2294,8 @@ EOD; } fwrite($conf, $snort_conf_text); fclose($conf); + unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type); + unset($home_net, $external_net, $vardef, $portvardef); } ?> |