diff options
author | bmeeks8 <bmeeks8@bellsouth.net> | 2013-04-10 21:12:33 -0400 |
---|---|---|
committer | bmeeks8 <bmeeks8@bellsouth.net> | 2013-04-10 21:12:33 -0400 |
commit | f98ad28bb5e6c4a364346228a68ef7cee45206d5 (patch) | |
tree | 814fe6a2eca9fec7723dd649885496c3b55e8bd0 /config/snort | |
parent | 231e4a650644337d28007728073b5f36f7dcbd64 (diff) | |
download | pfsense-packages-f98ad28bb5e6c4a364346228a68ef7cee45206d5.tar.gz pfsense-packages-f98ad28bb5e6c4a364346228a68ef7cee45206d5.tar.bz2 pfsense-packages-f98ad28bb5e6c4a364346228a68ef7cee45206d5.zip |
Fix longstanding bug with enable/disable SID code
Diffstat (limited to 'config/snort')
-rwxr-xr-x | config/snort/snort.inc | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index d8a7cc19..6bf73f24 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1457,9 +1457,17 @@ function snort_load_sid_mods($sids, $value) { /* This function parses the string of */ /* SID values in $sids and returns an */ /* array with the SID as the key and */ - /* passed $value as the value. The SID */ - /* values in $sids are assumed to be */ - /* delimited by "||". */ + /* value. The SID values in $sids are */ + /* assumed to be delimited by "||". */ + /* */ + /* $sids ==> string of SID values from */ + /* saved config file. */ + /* */ + /* $value ==> type of mod (enable or */ + /* disable). Not currently */ + /* utilized, but maintained */ + /* so as not to break legacy */ + /* code elsewhere. */ /*****************************************/ $result = array(); @@ -1468,7 +1476,7 @@ function snort_load_sid_mods($sids, $value) { $tmp = explode("||", $sids); foreach ($tmp as $v) { if (preg_match('/\s\d+/', $v, $match)) - $result[trim($match[0])] = $value; + $result[trim($match[0])] = trim($match[0]); } unset($tmp); @@ -1513,14 +1521,13 @@ function snort_modify_sids(&$rule_map, $snortcfg) { if (!empty($disablesid)) { foreach ($rule_map as $k1 => $rulem) { foreach ($rulem as $k2 => $v) { - if (in_array($k2, $disablesid) && $v['disabled'] == 0) { + if (in_array($k2, $disablesid) && $v['disabled'] == 0) { $rule_map[$k1][$k2]['rule'] = "# " . $v['rule']; $rule_map[$k1][$k2]['disabled'] = 1; } } } } - unset($enablesid, $disablesid); } |