1 files changed, 30 insertions, 19 deletions

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index bec163d7..b9a022fd 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -324,10 +324,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern
 	if (($externallist && $localnet == 'yes') || (!$externallist && (!$whitelist || $localnet == 'yes' || empty($localnet)))) {
 		if (is_ipaddr($snortip)) {
 			if ($snortcfg['interface'] <> "wan") {
-				$sn = get_interface_subnet($snortcfg['interface']);
-				$ip = gen_subnet($snortip, $sn) . "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnet($snortcfg['interface'])) {
+					$ip = gen_subnet($snortip, $sn) . "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 		}
 	}
@@ -346,10 +347,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern
 	if (($externallist && $localnet == 'yes') || (!$externallist && (!$whitelist || $localnet == 'yes' || empty($localnet)))) {
 		if (is_ipaddrv6($snortip)) {
 			if ($snortcfg['interface'] <> "wan") {
-				$sn = get_interface_subnetv6($snortcfg['interface']);
-				$ip = gen_subnetv6($snortip, $sn). "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnetv6($snortcfg['interface'])) {
+					$ip = gen_subnetv6($snortip, $sn). "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 		}
 	}
@@ -383,10 +385,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern
 				continue;
 			$subnet = get_interface_ip($int);
 			if (is_ipaddrv4($subnet)) {
-				$sn = get_interface_subnet($int);
-				$ip = gen_subnet($subnet, $sn) . "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnet($int)) {
+					$ip = gen_subnet($subnet, $sn) . "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 
 			$subnet = get_interface_ipv6($int);
@@ -394,10 +397,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern
 			if (strpos($subnet, "%") !== FALSE)
 				$subnet = substr($subnet, 0, strpos($subnet, "%"));
 			if (is_ipaddrv6($subnet)) {
-				$sn = get_interface_subnetv6($int);
-				$ip = gen_subnetv6($subnet, $sn). "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnetv6($int)) {
+					$ip = gen_subnetv6($subnet, $sn). "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 
 			// Add link-local address
@@ -814,7 +818,9 @@ function snort_snortloglimit_install_cron($should_install=TRUE) {
 	if ($should_install && snort_cron_job_exists("/usr/local/pkg/snort/snort_check_cron_misc.inc", TRUE, "*/5"))
 		return;
 
-	// Else install the new or updated cron job
+	// Else install the new or updated cron job by removing the
+	// existing job first, then installing the new or updated job.
+	install_cron_job("snort_check_cron_misc.inc", false);
 	install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc", $should_install, "*/5");
 }
 
@@ -921,7 +927,9 @@ function snort_rm_blocked_install_cron($should_install) {
 
 	// Else install the new or updated cron job
 	if ($should_install) {
-		install_cron_job($command, $should_install, $snort_rm_blocked_min, $snort_rm_blocked_hr, $snort_rm_blocked_mday, $snort_rm_blocked_month, $snort_rm_blocked_wday, "root");
+		// Remove the existing job first, then install the new or updated job
+		install_cron_job("snort2c", false);
+		install_cron_job($command, true, $snort_rm_blocked_min, $snort_rm_blocked_hr, $snort_rm_blocked_mday, $snort_rm_blocked_month, $snort_rm_blocked_wday, "root");
 	}
 }
 
@@ -1009,8 +1017,11 @@ function snort_rules_up_install_cron($should_install) {
 		return;
 
 	// Else install the new or updated cron job
-	if ($should_install)
+	if ($should_install) {
+		// Remove the existing job first, then install the new or updated job
+		install_cron_job("snort_check_for_rule_updates.php", false);
 		install_cron_job($command, $should_install, $snort_rules_up_min, $snort_rules_up_hr, $snort_rules_up_mday, $snort_rules_up_month, $snort_rules_up_wday, "root");
+	}
 }
 
 /* Only run when all ifaces needed to sync. Expects filesystem rw */