diff options
author | Ermal <eri@pfsense.org> | 2012-07-14 16:12:52 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-07-14 16:12:52 +0000 |
commit | 74f53520ad340806fcc6081a4a983797c9fab2fa (patch) | |
tree | 634d61ba018f6ea3f6545d797f99869519300bdd /config/snort | |
parent | 0bcb202001b77bec5c9c85517411af84e87174b8 (diff) | |
download | pfsense-packages-74f53520ad340806fcc6081a4a983797c9fab2fa.tar.gz pfsense-packages-74f53520ad340806fcc6081a4a983797c9fab2fa.tar.bz2 pfsense-packages-74f53520ad340806fcc6081a4a983797c9fab2fa.zip |
Fixup some parts of update sid
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort_check_for_rule_updates.php | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index e1da6bf3..f1152c10 100644 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -281,7 +281,8 @@ function snort_apply_customizations($snortcfg, $if_real) { @copy("{$snortdir}/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config"); @copy("{$snortdir}/gen-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/gen-msg.map"); - exec("/bin/cp -r {$snortdir}/generators {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}"); + if (is_dir("{$snortdir}/generators")) + exec("/bin/cp -r {$snortdir}/generators {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}"); @copy("{$snortdir}/reference.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/reference.config"); @copy("{$snortdir}/sid", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/sid"); @copy("{$snortdir}/sid-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/sid-msg.map"); @@ -299,18 +300,15 @@ function snort_apply_customizations($snortcfg, $if_real) { $disabled_sids = array_flip($enabled_sid_off_array); } - $files = glob("{$snortdir}/snort_{$snortcfg}_{$if_real}/rules"); + $files = glob("{$snortdir}/snort_{$snortcfg}_{$if_real}/rules/*"); foreach ($files as $file) { $splitcontents = file($file); $changed = false; foreach ( $splitcontents as $counter => $value ) { - $disabled = "False"; - $findme = "# alert"; //find string for disabled alerts - $counter2 = 1; $sid = snort_get_rule_part($value, 'sid:', ';', 0); if (!is_numeric($sid)) continue; - if (isset($enabled_sids[$sid])) { + if (isset($enabled_sids["enablesid {$sid}"])) { if (substr($value, 0, 5) == "alert") /* Rule is already enabled */ continue; @@ -326,7 +324,7 @@ function snort_apply_customizations($snortcfg, $if_real) { $splitcontents[$counter - 1] = substr($value, 2); $changed = true; } - } else if (isset($disabled_sids[$sid])) { + } else if (isset($disabled_sids["disablesid {$sid}"])) { if (substr($value, 0, 7) == "# alert") /* Rule is already disabled */ continue; @@ -344,9 +342,9 @@ function snort_apply_customizations($snortcfg, $if_real) { } } - if ($changed == true) - @file_put_contents($file, implode("\n", $splitcontents)); } + if ($changed == true) + @file_put_contents($file, implode("\n", $splitcontents)); } } } |