author | Ermal <eri@pfsense.org> | 2012-07-13 05:10:12 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-07-13 05:10:12 +0000 |
commit | 119732ffe8f773538adc2fd5db74a004a4afe3f2 (patch) | |
tree | 10646062077c97c7cfea62173978e188170d0eed /config/snort | |
parent | 80167e60d36acd613a083bbea6e2fbfd5f180f89 (diff) | |
Rather than unlinking/writing to a file opened by snort, truncate it.
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort.inc | 13 | ||||
-rw-r--r-- | config/snort/snort_alerts.php | 11 | ||||
-rw-r--r-- | config/snort/snort_check_for_rule_updates.php | 2 |
3 files changed, 16 insertions, 10 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 48ddb44e..61930111 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -342,13 +342,14 @@ function snort_post_delete_logs($snort_uuid = 0) {
 unset($filelist[count($filelist) - 1]);
 foreach ($filelist as $file)
 @unlink($file);
- $filelist = glob("{$snort_log_dir}/*{$snort_uuid}_{$if_real}.tcpdump.*");
- unset($filelist[count($filelist) - 1]);
- foreach ($filelist as $file)
- @unlink($file);
- if ($value['perform_stat'] == 'on')
- @file_put_contents("{$snort_log_dir}/{$if_real}.stats", "");
+ if ($value['perform_stat'] == 'on') {
+ $fd = fopen("{$snort_log_dir}/{$if_real}.stats", "w");
+ if ($fd) {
+ ftruncate($fd, 0);
+ fclose($fd);
+ }
+ }
 }
 }
 }
diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php
index ffda0342..0c6334d9 100644
--- a/config/snort/snort_alerts.php
+++ b/config/snort/snort_alerts.php
@@ -83,12 +83,17 @@ if ($_GET['action'] == "clear" || $_POST['delete']) {
 if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
 conf_mount_rw();
 snort_post_delete_logs($snort_uuid);
- @file_put_contents("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert", "");
+ $fd = fopen("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert", "w");
+ if ($fd) {
+ @ftruncate($fd, 0);
+ fclose($fd);
+ }
+ conf_mount_ro();
 /* XXX: This is needed is snort is run as snort user */
 //mwexec('/usr/sbin/chown snort:snort /var/log/snort/*', true);
 mwexec('/bin/chmod 660 /var/log/snort/*', true);
- mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a");
- conf_mount_ro();
+ if (file_exists("{$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid"))
+ mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a");
 }
 header("Location: /snort/snort_alerts.php?instance={$instanceid}");
 exit;
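Review bot: Opening the .stats file with mode `"w"` in the perform_stat branch already truncates it at open time, just as the removed `file_put_contents(..., "")` did, so the `ftruncate($fd, 0)` that follows is a no-op and the way the file snort holds open gets emptied is unchanged; the same applies to the alert file in the snort_alerts.php hunk. If an explicit truncate of an existing file is what is wanted, open it without truncation, e.g. `$fd = @fopen("{$snort_log_dir}/{$if_real}.stats", "r+");`, and check the return value of ftruncate. Mode `"w"` also follows symbolic links, and the XXX comment in snort_alerts.php suggests snort may run as an unprivileged user; if that user can write this log directory (not visible here), an `is_link()` test before the open would be a cheap guard. snort_post_delete_logs starts and ends outside the hunk.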
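Review bot: The new `fopen()` on the alert file is neither error-suppressed nor checked for failure in a way the operator can see: when the open fails PHP emits a warning ahead of the `header("Location: ...")` call at the end of the hunk, and the code still signals snort and redirects as if the alerts had been cleared. I would handle the false return explicitly, for example `if (!$fd) log_error("snort: could not truncate alert log for {$if_real}");`, so that a failed clear of IDS alerts leaves a trace. The re-added pkill line still builds its shell command by interpolating the pid path; passing it through `escapeshellarg("{$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid")` would be safer if `$if_real` or `$snort_uuid` can ever carry request data (their origin is outside the hunk). The enclosing `if` block begins before the hunk.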
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 3871b813..2b6d678a 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -356,7 +356,7 @@ function oinkmaster_run($if_real, $iface_uuid)
 global $config, $g, $snortdir;
 if (empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on']) && empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'])) {
- update_status(gettext("Your first set of rules are being copied..."));
+ update_status(gettext("Your set of rules are being copied..."));
 exec("/bin/cp {$snortdir}/rules/* {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules/");
 exec("/bin/cp {$snortdir}/classification.config {$snortdir}/snort_{$iface_uuid}_{$if_real}");
 exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir}/snort_{$iface_uuid}_{$if_real}"); |