diff options
author | Ermal <eri@pfsense.org> | 2012-07-11 23:43:41 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-07-11 23:43:41 +0000 |
commit | f57cdb06ad1461dd313560bef691f554e0e395e7 (patch) | |
tree | 5156617c52ef5936c7bd36100ef6d45f28989777 /config/snort | |
parent | 25533aba373a0a7eefeeffc75842dc9ae0d2dbe7 (diff) | |
download | pfsense-packages-f57cdb06ad1461dd313560bef691f554e0e395e7.tar.gz pfsense-packages-f57cdb06ad1461dd313560bef691f554e0e395e7.tar.bz2 pfsense-packages-f57cdb06ad1461dd313560bef691f554e0e395e7.zip |
Correct the way ssl preprocessor expect port list
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 363f2b71..003e551a 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1240,6 +1240,7 @@ EOD; $ports[$alias] = $snortcfg["def_{$alias}"]; $portvardef .= "portvar " . strtoupper($alias) . " [" . $ports[$alias] . "]\n"; } + $def_ssl_ports_ignore = str_replace(",", " ", $ports['ssl_ports_ignore']); $snort_preproc = array ( "perform_stat", "http_inspect", "other_preprocs", "ftp_preprocessor", "smtp_preprocessor", @@ -1325,7 +1326,7 @@ preprocessor stream5_icmp: {$snort_preprocessors} # Ignore SSL and Encryption # -preprocessor ssl: ports { {$ports['ssl_ports_ignore']} }, trustservers, noinspect_encrypted +preprocessor ssl: ports { {$def_ssl_ports_ignore} }, trustservers, noinspect_encrypted # Snort Output Logs # {$snortunifiedlogbasic_type} |