diff options
Diffstat (limited to 'config/snort/snort_check_for_rule_updates.php')
-rwxr-xr-x | config/snort/snort_check_for_rule_updates.php | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index 842e39d5..0c4543cd 100755 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -203,9 +203,11 @@ function snort_download_file_url($url, $file_out) { } curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Win64; x64; Trident/6.0)"); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); + curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36"); + curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2, TLSv1"); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Use the system proxy server setttings if configured @@ -680,6 +682,12 @@ if ($emergingthreats == 'on') { } } +// If removing deprecated rules categories, then do it +if ($config['installedpackages']['snortglobal']['hide_deprecated_rules'] == "on") { + log_error(gettext("[Snort] Hide Deprecated Rules is enabled. Removing obsoleted rules categories.")); + snort_remove_dead_rules(); +} + function snort_apply_customizations($snortcfg, $if_real) { global $vrt_enabled, $rebuild_rules; |