aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_check_for_rule_updates.php16
1 files changed, 7 insertions, 9 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index e1da6bf3..f1152c10 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -281,7 +281,8 @@ function snort_apply_customizations($snortcfg, $if_real) {
@copy("{$snortdir}/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config");
@copy("{$snortdir}/gen-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/gen-msg.map");
- exec("/bin/cp -r {$snortdir}/generators {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
+ if (is_dir("{$snortdir}/generators"))
+ exec("/bin/cp -r {$snortdir}/generators {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
@copy("{$snortdir}/reference.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/reference.config");
@copy("{$snortdir}/sid", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/sid");
@copy("{$snortdir}/sid-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/sid-msg.map");
@@ -299,18 +300,15 @@ function snort_apply_customizations($snortcfg, $if_real) {
$disabled_sids = array_flip($enabled_sid_off_array);
}
- $files = glob("{$snortdir}/snort_{$snortcfg}_{$if_real}/rules");
+ $files = glob("{$snortdir}/snort_{$snortcfg}_{$if_real}/rules/*");
foreach ($files as $file) {
$splitcontents = file($file);
$changed = false;
foreach ( $splitcontents as $counter => $value ) {
- $disabled = "False";
- $findme = "# alert"; //find string for disabled alerts
- $counter2 = 1;
$sid = snort_get_rule_part($value, 'sid:', ';', 0);
if (!is_numeric($sid))
continue;
- if (isset($enabled_sids[$sid])) {
+ if (isset($enabled_sids["enablesid {$sid}"])) {
if (substr($value, 0, 5) == "alert")
/* Rule is already enabled */
continue;
@@ -326,7 +324,7 @@ function snort_apply_customizations($snortcfg, $if_real) {
$splitcontents[$counter - 1] = substr($value, 2);
$changed = true;
}
- } else if (isset($disabled_sids[$sid])) {
+ } else if (isset($disabled_sids["disablesid {$sid}"])) {
if (substr($value, 0, 7) == "# alert")
/* Rule is already disabled */
continue;
@@ -344,9 +342,9 @@ function snort_apply_customizations($snortcfg, $if_real) {
}
}
- if ($changed == true)
- @file_put_contents($file, implode("\n", $splitcontents));
}
+ if ($changed == true)
+ @file_put_contents($file, implode("\n", $splitcontents));
}
}
}