authorErmal <eri@pfsense.org>2012-07-13 05:10:12 +0000
committerErmal <eri@pfsense.org>2012-07-13 05:10:12 +0000
commit119732ffe8f773538adc2fd5db74a004a4afe3f2 (patch)
tree10646062077c97c7cfea62173978e188170d0eed /config/snort
parent80167e60d36acd613a083bbea6e2fbfd5f180f89 (diff)
Rather than unlinking or writing to a file opened by snort, truncate it.
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort.inc13
-rw-r--r--config/snort/snort_alerts.php11
-rw-r--r--config/snort/snort_check_for_rule_updates.php2
3 files changed, 16 insertions, 10 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 48ddb44e..61930111 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -342,13 +342,14 @@ function snort_post_delete_logs($snort_uuid = 0) {
unset($filelist[count($filelist) - 1]);
foreach ($filelist as $file)
@unlink($file);
- $filelist = glob("{$snort_log_dir}/*{$snort_uuid}_{$if_real}.tcpdump.*");
- unset($filelist[count($filelist) - 1]);
- foreach ($filelist as $file)
- @unlink($file);
- if ($value['perform_stat'] == 'on')
- @file_put_contents("{$snort_log_dir}/{$if_real}.stats", "");
+ if ($value['perform_stat'] == 'on') {
+ $fd = fopen("{$snort_log_dir}/{$if_real}.stats", "w");
+ if ($fd) {
+ ftruncate($fd, 0);
+ fclose($fd);
+ }
+ }
}
}
}
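Review bot: `fopen(..., "w")` on the `.stats` path already truncates the file and also creates it when it is missing, so the following `ftruncate($fd, 0)` is redundant and a stats file snort has not yet created ends up created by whichever user runs this PHP code. If the intent is only to empty a file snort already holds open, `$fd = @fopen("{$snort_log_dir}/{$if_real}.stats", "r+");` followed by the existing `ftruncate` does that without creating anything, and the `@` keeps the error behaviour of the removed `@file_put_contents`. The open also follows symlinks, which matters if the log directory is ever writable by the unprivileged snort user mentioned elsewhere in this package; that ownership is not visible here, so treat it as something to confirm. The enclosing function starts outside the hunk.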
diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php
index ffda0342..0c6334d9 100644
--- a/config/snort/snort_alerts.php
+++ b/config/snort/snort_alerts.php
@@ -83,12 +83,17 @@ if ($_GET['action'] == "clear" || $_POST['delete']) {
if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
conf_mount_rw();
snort_post_delete_logs($snort_uuid);
- @file_put_contents("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert", "");
+ $fd = fopen("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert", "w");
+ if ($fd) {
+ @ftruncate($fd, 0);
+ fclose($fd);
+ }
+ conf_mount_ro();
/* XXX: This is needed is snort is run as snort user */
//mwexec('/usr/sbin/chown snort:snort /var/log/snort/*', true);
mwexec('/bin/chmod 660 /var/log/snort/*', true);
- mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a");
- conf_mount_ro();
+ if (file_exists("{$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid"))
+ mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a");
}
header("Location: /snort/snort_alerts.php?instance={$instanceid}");
exit;
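Review bot: The new `fopen()` on the alert file is not error-suppressed the way the removed `@file_put_contents()` was, so a failed open can emit a PHP warning ahead of the `header("Location: ...")` call at the end of the hunk and, depending on `display_errors`, break the redirect; write it as `$fd = @fopen(...)` or log the failure explicitly. Mode `"w"` already truncates, so `@ftruncate($fd, 0)` adds nothing here. `conf_mount_ro()` now runs before the `chmod` and `pkill` calls, so confirm that /var/log/snort is not on the filesystem being remounted read-only. The pid path passed to `mwexec` is interpolated into a shell command; where `$if_real` and `$snort_uuid` come from is outside the hunk, so wrapping the path in `escapeshellarg()` would be the safe default. The surrounding `if` block starts outside the hunk.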
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 3871b813..2b6d678a 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -356,7 +356,7 @@ function oinkmaster_run($if_real, $iface_uuid)
global $config, $g, $snortdir;
if (empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on']) && empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'])) {
- update_status(gettext("Your first set of rules are being copied..."));
+ update_status(gettext("Your set of rules are being copied..."));
exec("/bin/cp {$snortdir}/rules/* {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules/");
exec("/bin/cp {$snortdir}/classification.config {$snortdir}/snort_{$iface_uuid}_{$if_real}");
exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir}/snort_{$iface_uuid}_{$if_real}");