aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php5
-rw-r--r--config/snort/snort_generate_conf.php5
2 files changed, 9 insertions, 1 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index e2ec20e3..929ddad1 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -580,6 +580,11 @@ if ($openappid_detectors == 'on') {
update_status(gettext("Copying md5 signature to snort directory..."));
@copy("{$tmpfname}/{$snort_openappid_filename_md5}", "{$snortdir}/{$snort_openappid_filename_md5}");
}
+ if (!is_dir("{$snort_openappid_path}custom")) {
+ safe_mkdir("{$snort_openappid_path}custom");
+ safe_mkdir("{$snort_openappid_path}custom/lua");
+ touch("{$snort_openappid_path}custom/userappid.conf");
+ }
update_status(gettext("Extraction of Snort OpenAppID detectors completed..."));
$static_output .= gettext(" done.\n");
update_output_window($static_output);
diff --git a/config/snort/snort_generate_conf.php b/config/snort/snort_generate_conf.php
index 6780da0a..a0b5d425 100644
--- a/config/snort/snort_generate_conf.php
+++ b/config/snort/snort_generate_conf.php
@@ -896,6 +896,9 @@ EOD;
$appid_memcap = $snortcfg['sf_appid_mem_cap'] * 1024 * 1024;
$appid_params = "app_detector_dir " . rtrim(SNORT_APPID_ODP_PATH, '/') . ", \\\n\tmemcap {$appid_memcap}";
if ($snortcfg['sf_appid_statslog'] == "on") {
+ if (!file_exists("{$snortlogdir}/snort_{$if_real}{$snort_uuid}/app-stats.log")) {
+ touch("{$snortlogdir}/snort_{$if_real}{$snort_uuid}/app-stats.log");
+ }
$appid_params .= ", \\\n\tapp_stats_filename app-stats.log";
$appid_params .= ", \\\n\tapp_stats_period {$snortcfg['sf_appid_stats_period']}";
$appid_params .= ", \\\n\tapp_stats_rollover_size " . strval($config['installedpackages']['snortglobal']['appid_stats_log_limit_size'] * 1024);
@@ -1271,7 +1274,7 @@ if ($snortcfg['host_attribute_table'] == "on" && !empty($snortcfg['host_attribut
$http_inspect_global = "preprocessor http_inspect: global ";
if ($snortcfg['http_inspect'] == "off")
$http_inspect_global .= "disabled ";
-$http_inspect_global .= "\\\n\tiis_unicode_map unicode.map 1252 \\\n";
+$http_inspect_global .= "\\\n\tiis_unicode_map {$snortdir}/unicode.map 1252 \\\n";
$http_inspect_global .= "\tcompress_depth 65535 \\\n";
$http_inspect_global .= "\tdecompress_depth 65535 \\\n";
if (!empty($snortcfg['http_inspect_memcap']))