* Restart snort after filter changes

* Flush snort2c table after filter changes
author: Scott Ullrich <sullrich@pfsense.org> 2006-11-19 20:26:55 +0000
committer: Scott Ullrich <sullrich@pfsense.org> 2006-11-19 20:26:55 +0000
commit: 04ecb6af86597cd7963f139367421e01a6fe5388 (patch)
tree: 30837a4336e0aafe24f247df30f632f1eb92dd64 /packages/snort
parent: 78c8b219078e02a8c65f2e2b59e702e9863d68b7 (diff)
download: pfsense-packages-04ecb6af86597cd7963f139367421e01a6fe5388.tar.gz
pfsense-packages-04ecb6af86597cd7963f139367421e01a6fe5388.tar.bz2
pfsense-packages-04ecb6af86597cd7963f139367421e01a6fe5388.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/packages/snort/snort_dynamic_ip_reload.php b/packages/snort/snort_dynamic_ip_reload.php
index 91498112..49f509b4 100644
--- a/packages/snort/snort_dynamic_ip_reload.php
+++ b/packages/snort/snort_dynamic_ip_reload.php
@@ -34,11 +34,15 @@ log_error("[SNORT] Snort_dynamic_ip_reload.php is starting.");
 
 require_once("/usr/local/pkg/snort.inc");
 require_once("service-utils.inc");
+require_once("config.inc");
 
 if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
    $config['interfaces']['wan']['ipaddr'] == "dhcp") {
+		log_error("Dynamic WAN interface present.  Restarting snort due to filter changes.");
 		create_snort_conf();
+		stop_service("snort");
+		mwexec("/sbin/pfctl -t snort2c -T flush");
+		start_service("snort");
 }
 
-
 ?>
 \ No newline at end of file
author	Scott Ullrich <sullrich@pfsense.org>	2006-11-19 20:26:55 +0000
committer	Scott Ullrich <sullrich@pfsense.org>	2006-11-19 20:26:55 +0000
commit	04ecb6af86597cd7963f139367421e01a6fe5388 (patch)
tree	30837a4336e0aafe24f247df30f632f1eb92dd64 /packages/snort
parent	78c8b219078e02a8c65f2e2b59e702e9863d68b7 (diff)
download	pfsense-packages-04ecb6af86597cd7963f139367421e01a6fe5388.tar.gz pfsense-packages-04ecb6af86597cd7963f139367421e01a6fe5388.tar.bz2 pfsense-packages-04ecb6af86597cd7963f139367421e01a6fe5388.zip