diff options
-rw-r--r-- | config/snort/snort.inc | 12 | ||||
-rw-r--r-- | config/snort/snort_check_for_rule_updates.php | 4 |
2 files changed, 8 insertions, 8 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 3e9a46da..7d2b40e3 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1319,8 +1319,8 @@ EOD; if (!empty($snort_preproc_libs[$preproc])) { $preproclib = "libsf_" . $snort_preproc_libs[$preproc]; if (!file_exists($snort_dirs['dynamicpreprocessor'] . "{$preproclib}.so")) { - if (file_exists("/usr/local/lib/dynamicpreprocessor/{$preproclib}.so")) { - @copy("/usr/local/lib/dynamicpreprocessor/{$preproclib}.so", $snort_dirs['dynamicpreprocessor'] . "{$preproclib}.so"); + if (file_exists("/usr/local/lib/snort/dynamicpreprocessor/{$preproclib}.so")) { + @copy("/usr/local/lib/snort/dynamicpreprocessor/{$preproclib}.so", "{$snort_dirs['dynamicpreprocessor']}/{$preproclib}.so"); $snort_preprocessors .= $$preproc; $snort_preprocessors .= "\n"; } @@ -1342,11 +1342,11 @@ EOD; $snort_misc_include_rules .= "include {$snortcfgdir}/classification.config\n"; if (is_dir("{$snortcfgdir}/preproc_rules")) { if ($snortcfg['sensitive_data'] == 'on') { - $sedcmd = "s/^# alert\(.*\)classtype:sdf;\(.*\)/alert\1classtype:sdf\2/g"; + $sedcmd = '/^#alert.*classtype:sdf/s/^#//'; if (file_exists("{$snortcfgdir}/preproc_rules/sensitive-data.rules")) $snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/sensitive-data.rules\n"; } else - $sedcmd = "s/^alert\(.*\)classtype:sdf;\(.*\)/# alert\1classtype:sdf\2/g"; + $sedcmd = '/^alert.*classtype:sdf/s/^/#/'; if (file_exists("{$snortcfgdir}/preproc_rules/decoder.rules") && file_exists("{$snortcfgdir}/preproc_rules/preprocessor.rules")) { @file_put_contents("{$g['tmp_path']}/sedcmd", $sedcmd); @@ -1371,8 +1371,8 @@ EOD; if (!empty($snortcfg['rulesets'])) { $enabled_rulesets_array = explode("||", $snortcfg['rulesets']); foreach($enabled_rulesets_array as $enabled_item) { - if (file_exists("{$snortdir}}/rules/{$enabled_item}") && !file_exists("{$snortcfgdir}}/rules/{$enabled_item}")) - @copy("{$snortdir}/rules/{$file}", "{$rule_dir}/rules/{$file}"); + if (file_exists("{$snortdir}/rules/{$enabled_item}") && !file_exists("{$snortcfgdir}/rules/{$enabled_item}")) + @copy("{$snortdir}/rules/{$enabled_item}", "{$snortcfgdir}/rules/{$enabled_item}"); if (substr($enabled_item, 0, 5) == "snort" && substr($enabled_item, -9) == ".so.rules") { $slib = substr($enabled_item, 6, -6); if (!file_exists("{$snort_dirs['dynamicrules']}/{$slib}")) diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index 6221b38f..5b357cb7 100644 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -303,11 +303,11 @@ function snort_apply_customizations($snortcfg, $if_real) { log_error(gettext("Your set of configured rules are being copied...")); $enabled_rulesets_array = explode("||", $snortcfg['rulesets']); foreach($enabled_rulesets_array as $enabled_item) { - @copy("{$snortdir}/rules/{$file}", "{$rule_dir}/rules/{$file}"); + @copy("{$snortdir}/rules/{$enabled_item}", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/rules/{$enabled_item}"); if (substr($enabled_item, 0, 5) == "snort" && substr($enabled_item, -9) == ".so.rules") { $slib = substr($enabled_item, 6, -6); if (file_exists("/usr/local/lib/snort/dynamicrules/{$slib}")) - @copy("/usr/local/lib/snort/dynamicrules/{$slib}", "{$snort_dirs['dynamicrules']}/{$slib}"); + @copy("/usr/local/lib/snort/dynamicrules/{$slib}", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/dynamicrules/{$slib}"); } } |