diff options
author | bmeeks8 <bmeeks8@bellsouth.net> | 2014-10-10 16:21:15 -0400 |
---|---|---|
committer | bmeeks8 <bmeeks8@bellsouth.net> | 2014-12-15 12:12:00 -0500 |
commit | b809f3b206086fb4b92c6737c018145f2fd001b5 (patch) | |
tree | 1d0c8fb60fcf9a54d348dcba78b6613d61ad65fb /config/suricata | |
parent | 8cfa82037d2e5dc2801e798961e305233c19ba89 (diff) | |
download | pfsense-packages-b809f3b206086fb4b92c6737c018145f2fd001b5.tar.gz pfsense-packages-b809f3b206086fb4b92c6737c018145f2fd001b5.tar.bz2 pfsense-packages-b809f3b206086fb4b92c6737c018145f2fd001b5.zip |
Fix logic problem with SELECT_ALL and IPS Policy selection.
Diffstat (limited to 'config/suricata')
-rw-r--r-- | config/suricata/suricata_rulesets.php | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php index 6212f46a..c4e5cbf4 100644 --- a/config/suricata/suricata_rulesets.php +++ b/config/suricata/suricata_rulesets.php @@ -169,17 +169,43 @@ if ($_POST["save"]) { suricata_sync_on_changes(); } elseif ($_POST['unselectall']) { + if ($_POST['ips_policy_enable'] == "on") { + $a_nat[$id]['ips_policy_enable'] = 'on'; + $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; + } + else { + $a_nat[$id]['ips_policy_enable'] = 'off'; + unset($a_nat[$id]['ips_policy']); + } + + $pconfig['autoflowbits'] = $_POST['autoflowbits']; + $pconfig['ips_policy_enable'] = $_POST['ips_policy_enable']; + $pconfig['ips_policy'] = $_POST['ips_policy']; + // Remove all but the default events and files rules $enabled_rulesets_array = array(); $enabled_rulesets_array = implode("||", $default_rules); $savemsg = gettext("All rule categories have been de-selected. "); - if ($_POST['ips_policy_enable']) + if ($_POST['ips_policy_enable'] == "on") $savemsg .= gettext("Only the rules included in the selected IPS Policy will be used."); else $savemsg .= gettext("There currently are no inspection rules enabled for this Suricata instance!"); } elseif ($_POST['selectall']) { + if ($_POST['ips_policy_enable'] == "on") { + $a_nat[$id]['ips_policy_enable'] = 'on'; + $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; + } + else { + $a_nat[$id]['ips_policy_enable'] = 'off'; + unset($a_nat[$id]['ips_policy']); + } + + $pconfig['autoflowbits'] = $_POST['autoflowbits']; + $pconfig['ips_policy_enable'] = $_POST['ips_policy_enable']; + $pconfig['ips_policy'] = $_POST['ips_policy']; + // Start with the required default events and files rules $enabled_rulesets_array = $default_rules; |