aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata/suricata_global.php
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2015-07-27 09:35:04 -0300
committerRenato Botelho <renato@netgate.com>2015-07-27 09:35:04 -0300
commit95daa898f2f96e81eb6f912c0d84f62c8e98f306 (patch)
treec7c1d3100f306b95207383f331733449bdaef01b /config/suricata/suricata_global.php
parent51284cb907a4ed1fb26bd9d7cab2a0f67e24059e (diff)
parent5dc936ac2e1b346a35385db74d316c222a3e5de4 (diff)
downloadpfsense-packages-95daa898f2f96e81eb6f912c0d84f62c8e98f306.tar.gz
pfsense-packages-95daa898f2f96e81eb6f912c0d84f62c8e98f306.tar.bz2
pfsense-packages-95daa898f2f96e81eb6f912c0d84f62c8e98f306.zip
Merge pull request #905 from bmeeks8/suricata-2.1.6
Diffstat (limited to 'config/suricata/suricata_global.php')
-rw-r--r--config/suricata/suricata_global.php15
1 files changed, 15 insertions, 0 deletions
diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php
index 8eea8d2d..013cde3e 100644
--- a/config/suricata/suricata_global.php
+++ b/config/suricata/suricata_global.php
@@ -67,6 +67,7 @@ else {
$pconfig['snortcommunityrules'] = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'];
$pconfig['snort_rules_file'] = $config['installedpackages']['suricata']['config'][0]['snort_rules_file'];
$pconfig['autogeoipupdate'] = $config['installedpackages']['suricata']['config'][0]['autogeoipupdate'];
+ $pconfig['hide_deprecated_rules'] = $config['installedpackages']['suricata']['config'][0]['hide_deprecated_rules'] == "on" ? 'on' : 'off';
}
// Do input validation on parameters
@@ -99,6 +100,7 @@ if (!$input_errors) {
$config['installedpackages']['suricata']['config'][0]['enable_etopen_rules'] = $_POST['enable_etopen_rules'] ? 'on' : 'off';
$config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'] = $_POST['enable_etpro_rules'] ? 'on' : 'off';
$config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] = $_POST['autogeoipupdate'] ? 'on' : 'off';
+ $config['installedpackages']['suricata']['config'][0]['hide_deprecated_rules'] = $_POST['hide_deprecated_rules'] ? 'on' : 'off';
// If any rule sets are being turned off, then remove them
// from the active rules section of each interface. Start
@@ -135,6 +137,12 @@ if (!$input_errors) {
}
}
+ // If deprecated rules should be removed, then do it
+ if ($config['installedpackages']['suricata']['config'][0]['hide_deprecated_rules'] == "on") {
+ log_error(gettext("[Suricata] Hide Deprecated Rules is enabled. Removing obsoleted rules categories."));
+ suricata_remove_dead_rules();
+ }
+
$config['installedpackages']['suricata']['config'][0]['snort_rules_file'] = $_POST['snort_rules_file'];
$config['installedpackages']['suricata']['config'][0]['oinkcode'] = $_POST['oinkcode'];
$config['installedpackages']['suricata']['config'][0]['etprocode'] = $_POST['etprocode'];
@@ -329,6 +337,13 @@ if ($input_errors)
</table></td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell"><?php echo gettext("Hide Deprecated Rules Categories"); ?></td>
+ <td width="78%" class="vtable"><input name="hide_deprecated_rules" id="hide_deprecated_rules" type="checkbox" value="yes"
+ <?php if ($pconfig['hide_deprecated_rules']=="on") echo "checked"; ?> />
+ &nbsp;&nbsp;<?php echo gettext("Hide deprecated rules categories in the GUI and remove them from the configuration. Default is ") .
+ "<strong>" . gettext("Not Checked") . "</strong>" . gettext("."); ?></td>
+</tr>
+<tr>
<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Rules Update Settings"); ?></td>
</tr>
<tr>