authorbmeeks8 <bmeeks8@bellsouth.net>2014-09-09 14:12:10 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2014-09-09 14:12:10 -0400
commitc389696337b68378965716fb75b9f15cf4fdc17b (patch)
tree47144b312dd0afbe37eb8c3b1a221b51e74ac651 /config/snort
parentd13557cd988c17b2eaddb6611b315244dd3865a3 (diff)
Fix duplicate UUID when cloning a Snort interface.
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort_interfaces_edit.php9
-rw-r--r--config/snort/snort_post_install.php36
2 files changed, 42 insertions, 3 deletions
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index fb573a73..b272d895 100755
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -206,7 +206,7 @@ if ($_POST["save"] && !$input_errors) {
if ($_POST['externallistname']) $natent['externallistname'] = $_POST['externallistname']; else unset($natent['externallistname']);
if ($_POST['suppresslistname']) $natent['suppresslistname'] = $_POST['suppresslistname']; else unset($natent['suppresslistname']);
if ($_POST['alertsystemlog'] == "on") { $natent['alertsystemlog'] = 'on'; }else{ $natent['alertsystemlog'] = 'off'; }
- if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode($_POST['configpassthru']); else unset($natent['configpassthru']);
+ if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru'])); else unset($natent['configpassthru']);
if ($_POST['cksumcheck']) $natent['cksumcheck'] = 'on'; else $natent['cksumcheck'] = 'off';
if ($_POST['fpm_split_any_any'] == "on") { $natent['fpm_split_any_any'] = 'on'; }else{ $natent['fpm_split_any_any'] = 'off'; }
if ($_POST['fpm_search_optimize'] == "on") { $natent['fpm_search_optimize'] = 'on'; }else{ $natent['fpm_search_optimize'] = 'off'; }
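Review bot: The new `configpassthru` line has no comment saying why the line endings are rewritten before encoding, and the one-line `if … else unset(…)` is now long enough that the intent is easy to miss. A short comment above it would help, for example `// Browsers submit textarea content with CRLF; store the pass-through text with Unix newlines`. Only the `"\r\n"` pair is replaced, so a stray bare `"\r"` in the posted text would still be stored as-is; if that matters for whatever later consumes this value, a second replacement of `"\r"` would cover it. The enclosing `if ($_POST["save"] …)` block starts and ends outside this hunk.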
@@ -223,9 +223,9 @@ if ($_POST["save"] && !$input_errors) {
}
else
$snort_start = false;
- exec("mv -f {$snortlogdir}/snort_{$oif_real}{$a_rule[$id]['uuid']} {$snortlogdir}/snort_{$if_real}{$a_rule[$id]['uuid']}");
+ @rename("{$snortlogdir}/snort_{$oif_real}{$a_rule[$id]['uuid']}", "{$snortlogdir}/snort_{$if_real}{$a_rule[$id]['uuid']}");
conf_mount_rw();
- exec("mv -f {$snortdir}/snort_{$a_rule[$id]['uuid']}_{$oif_real} {$snortdir}/snort_{$a_rule[$id]['uuid']}_{$if_real}");
+ @rename("{$snortdir}/snort_{$a_rule[$id]['uuid']}_{$oif_real}", "{$snortdir}/snort_{$a_rule[$id]['uuid']}_{$if_real}");
conf_mount_ro();
}
$a_rule[$id] = $natent;
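Review bot: Both `@rename()` calls discard the warning and the return value, so a failed move is silent while `$a_rule[$id] = $natent;` still commits the new interface name to the configuration. Note that `rename()` is not a drop-in for `mv -f`: it fails when the target is an existing non-empty directory, and this happens between `conf_mount_rw()` and `conf_mount_ro()` where a failure is worth recording. Checking the result would make this visible, for example `if (!@rename($old, $new)) log_error("[Snort] could not rename {$old} to {$new}");` with the two paths held in local variables. Dropping the shell call is a real improvement, since the interpolated interface names no longer pass through a command line. The enclosing block starts outside this hunk.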
@@ -234,6 +234,9 @@ if ($_POST["save"] && !$input_errors) {
// Duplicating a new interface, so set flag to build new rules
$rebuild_rules = true;
+ // Duplicating an interface, so need to generate a new UUID for the cloned interface
+ $natent['uuid'] = snort_generate_id();
+
// Add the new duplicated interface configuration to the [rule] array in config
$a_rule[] = $natent;
}
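Review bot: The value assigned by `$natent['uuid'] = snort_generate_id();` is not checked against the UUIDs already present in `$a_rule`, so the clone can still collide with an existing interface if the generator repeats a value. `snort_generate_id()` is defined outside this page, so its range and collision odds are unknown here; regenerating in a loop until no existing `$a_rule[...]['uuid']` matches would close the gap regardless. The same applies to `$new_uuid = snort_generate_id();` in the snort_post_install.php repair loop, where the `$uuids` map is already at hand: `while (isset($uuids[$new_uuid])) $new_uuid = snort_generate_id();`.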
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php
index c1be72cc..0650d187 100644
--- a/config/snort/snort_post_install.php
+++ b/config/snort/snort_post_install.php
@@ -45,6 +45,7 @@ require_once("/usr/local/pkg/snort/snort.inc");
global $config, $g, $rebuild_rules, $pkg_interface, $snort_gui_include;
$snortdir = SNORTDIR;
+$snortlogdir = SNORTLOGDIR;
$snortlibdir = SNORTLIBDIR;
$rcdir = RCFILEPREFIX;
@@ -114,6 +115,41 @@ $snort_widget_container = "snort_alerts-container:col2:close";
if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings..."));
update_status(gettext("Saved settings detected..."));
+
+ /****************************************************************/
+ /* Do test and fix for duplicate UUIDs if this install was */
+ /* impacted by the DUP (clone) bug that generated a duplicate */
+ /* UUID for the cloned interface. */
+ /****************************************************************/
+ if (count($config['installedpackages']['snortglobal']['rule']) > 0) {
+ $uuids = array();
+ $snortconf = &$config['installedpackages']['snortglobal']['rule'];
+ foreach ($snortconf as &$snortcfg) {
+ // Check for and fix a duplicate UUID
+ $if_real = get_real_interface($snortcfg['interface']);
+ if (!isset($uuids[$snortcfg['uuid']])) {
+ $uuids[$snortcfg['uuid']] = $if_real;
+ continue;
+ }
+ else {
+ // Found a duplicate UUID, so generate a
+ // new one for the affected interface.
+ $old_uuid = $snortcfg['uuid'];
+ $new_uuid = snort_generate_id();
+ if (file_exists("{$snortlogdir}snort_{$if_real}{$old_uuid}/"))
+ @rename("{$snortlogdir}snort_{$if_real}{$old_uuid}/", "{$snortlogdir}snort_{$if_real}{$new_uuid}/");
+ $snortcfg['uuid'] = $new_uuid;
+ $uuids[$new_uuid] = $if_real;
+ log_error(gettext("[Snort] updated UUID for interface " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . " from {$old_uuid} to {$new_uuid}."));
+ }
+ }
+ write_config("Snort pkg: updated interface UUIDs to eliminate duplicates.");
+ unset($uuids, $rulesets);
+ }
+ /****************************************************************/
+ /* End of duplicate UUID bug fix. */
+ /****************************************************************/
+
/* Do one-time settings migration for new multi-engine configurations */
update_output_window(gettext("Please wait... migrating settings to new configuration..."));
include('/usr/local/pkg/snort/snort_migrate_config.php');
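Review bot: The log-directory paths in the `file_exists()` and `@rename()` lines are built as `"{$snortlogdir}snort_…"` with no separator, whereas snort_interfaces_edit.php in this same commit writes `"{$snortlogdir}/snort_…"`. If `SNORTLOGDIR` has no trailing slash (its definition is not visible here), the existence check never matches and the directory keeps the old UUID in its name while the configuration gets the new one. Writing `"{$snortlogdir}/snort_{$if_real}{$old_uuid}"` in both places is safe either way. The by-reference loop variable `$snortcfg` also stays bound after the `foreach`, and the cleanup names `$rulesets`, which this block never sets; `unset($snortcfg, $uuids);` would release the reference. `write_config()` also runs when no duplicate was found, so a flag set in the `else` branch could guard it.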