aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2014-10-10 16:21:15 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2014-12-15 12:12:00 -0500
commitb809f3b206086fb4b92c6737c018145f2fd001b5 (patch)
tree1d0c8fb60fcf9a54d348dcba78b6613d61ad65fb /config/suricata
parent8cfa82037d2e5dc2801e798961e305233c19ba89 (diff)
downloadpfsense-packages-b809f3b206086fb4b92c6737c018145f2fd001b5.tar.gz
pfsense-packages-b809f3b206086fb4b92c6737c018145f2fd001b5.tar.bz2
pfsense-packages-b809f3b206086fb4b92c6737c018145f2fd001b5.zip
Fix logic problem with SELECT_ALL and IPS Policy selection.
Diffstat (limited to 'config/suricata')
-rw-r--r--config/suricata/suricata_rulesets.php28
1 files changed, 27 insertions, 1 deletions
diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php
index 6212f46a..c4e5cbf4 100644
--- a/config/suricata/suricata_rulesets.php
+++ b/config/suricata/suricata_rulesets.php
@@ -169,17 +169,43 @@ if ($_POST["save"]) {
suricata_sync_on_changes();
}
elseif ($_POST['unselectall']) {
+ if ($_POST['ips_policy_enable'] == "on") {
+ $a_nat[$id]['ips_policy_enable'] = 'on';
+ $a_nat[$id]['ips_policy'] = $_POST['ips_policy'];
+ }
+ else {
+ $a_nat[$id]['ips_policy_enable'] = 'off';
+ unset($a_nat[$id]['ips_policy']);
+ }
+
+ $pconfig['autoflowbits'] = $_POST['autoflowbits'];
+ $pconfig['ips_policy_enable'] = $_POST['ips_policy_enable'];
+ $pconfig['ips_policy'] = $_POST['ips_policy'];
+
// Remove all but the default events and files rules
$enabled_rulesets_array = array();
$enabled_rulesets_array = implode("||", $default_rules);
$savemsg = gettext("All rule categories have been de-selected. ");
- if ($_POST['ips_policy_enable'])
+ if ($_POST['ips_policy_enable'] == "on")
$savemsg .= gettext("Only the rules included in the selected IPS Policy will be used.");
else
$savemsg .= gettext("There currently are no inspection rules enabled for this Suricata instance!");
}
elseif ($_POST['selectall']) {
+ if ($_POST['ips_policy_enable'] == "on") {
+ $a_nat[$id]['ips_policy_enable'] = 'on';
+ $a_nat[$id]['ips_policy'] = $_POST['ips_policy'];
+ }
+ else {
+ $a_nat[$id]['ips_policy_enable'] = 'off';
+ unset($a_nat[$id]['ips_policy']);
+ }
+
+ $pconfig['autoflowbits'] = $_POST['autoflowbits'];
+ $pconfig['ips_policy_enable'] = $_POST['ips_policy_enable'];
+ $pconfig['ips_policy'] = $_POST['ips_policy'];
+
// Start with the required default events and files rules
$enabled_rulesets_array = $default_rules;