aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/suricata/suricata.inc19
-rw-r--r--config/suricata/suricata_post_install.php23
2 files changed, 34 insertions, 8 deletions
diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc
index 3de6a1d6..73208f61 100644
--- a/config/suricata/suricata.inc
+++ b/config/suricata/suricata.inc
@@ -646,9 +646,10 @@ function suricata_rules_up_install_cron($should_install=true) {
if (suricata_cron_job_exists($command, TRUE, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root"))
return;
- // Else install the new or updated cron job
- if ($should_install)
- install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
+ // Else install the new or updated cron job by removing the
+ // existing job first, then installing the new or updated job.
+ install_cron_job("suricata_check_for_rule_updates.php", false);
+ install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
}
function suricata_loglimit_install_cron($should_install=true) {
@@ -664,7 +665,9 @@ function suricata_loglimit_install_cron($should_install=true) {
if ($should_install && suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_check_cron_misc.inc", TRUE, "*/5"))
return;
- // Else install the new or updated cron job
+ // Else install the new or updated cron job by removing the
+ // existing job first, then installing the new or updated job.
+ install_cron_job("suricata_check_cron_misc.inc", false);
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc", $should_install, "*/5");
}
@@ -769,10 +772,10 @@ function suricata_rm_blocked_install_cron($should_install) {
if (suricata_cron_job_exists($command, TRUE, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root"))
return;
- // Else install the new or updated cron job
- if ($should_install) {
- install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
- }
+ // Else install the new or updated cron job by removing the
+ // existing job first, then installing the new or updated job.
+ install_cron_job("{$suri_pf_table}", false);
+ install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
}
function sync_suricata_package_config() {
diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php
index 070cf095..b2e7c674 100644
--- a/config/suricata/suricata_post_install.php
+++ b/config/suricata/suricata_post_install.php
@@ -130,6 +130,29 @@ if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] ==
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
}
+/*********************************************************/
+/* START OF BUG FIX CODE */
+/* */
+/* Remove any Suricata cron tasks that may have been */
+/* left from a previous uninstall due to a bug that */
+/* saved edited cron tasks as new ones while still */
+/* leaving the original task. Correct cron task */
+/* entries will be recreated below if saved settings */
+/* are detected. */
+/*********************************************************/
+$cron_count = 0;
+$suri_pf_table = SURICATA_PF_TABLE;
+while (suricata_cron_job_exists($suri_pf_table, FALSE)) {
+ install_cron_job($suri_pf_table, false);
+ $cron_count++;
+}
+if ($cron_count > 0)
+ log_error(gettext("[Suricata] Removed {$cron_count} duplicate 'remove_blocked_hosts' cron task(s)."));
+
+/*********************************************************/
+/* END OF BUG FIX CODE */
+/*********************************************************/
+
// remake saved settings if previously flagged
if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') {
log_error(gettext("[Suricata] Saved settings detected... rebuilding installation with saved settings..."));