diff options
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort.inc | 21 | ||||
-rw-r--r-- | config/snort/snort_rules.php | 16 |
2 files changed, 17 insertions, 20 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 9c67993a..2290fa93 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1033,17 +1033,6 @@ function snort_generate_conf($snortcfg) { if(!empty($snortcfg['performance'])) $snort_performance = $snortcfg['performance']; - /* generate rule sections to load */ - $enabled_rulesets = $snortcfg['rulesets']; - $selected_rules_sections = ""; - if (!empty($enabled_rulesets)) { - $enabled_rulesets_array = explode("||", $enabled_rulesets); - foreach($enabled_rulesets_array as $enabled_item) { - if (file_exists("{$snortcfgdir}/rules/{$enabled_item}")) - $selected_rules_sections .= "include \$RULE_PATH/{$enabled_item}\n"; - } - } - ///////////////////////////// /* preprocessor code */ /* def perform_stat */ @@ -1275,6 +1264,16 @@ EOD; if (file_exists("{$snortdir}/preproc_rules/decoder.rules")) $snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/decoder.rules\n"; + /* generate rule sections to load */ + $selected_rules_sections = ""; + if (!empty($snortcfg['rulesets'])) { + $enabled_rulesets_array = explode("||", $snortcfg['rulesets']); + foreach($enabled_rulesets_array as $enabled_item) { + if (file_exists("{$snortcfgdir}/rules/{$enabled_item}")) + $selected_rules_sections .= "include \$RULE_PATH/{$enabled_item}\n"; + } + } + /* build snort configuration file */ $snort_conf_text = <<<EOD diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 100134c7..5a13cf7b 100644 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -65,9 +65,9 @@ if (!is_dir("{$snortdir}/snort_{$iface_uuid}_{$if_real}/rules")) exec("/bin/mkdir -p {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules"); $isrulesfolderempty = exec("ls -A {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules/*.rules"); -if ($isrulesfolderempty == "") { +if ($isrulesfolderempty == "" || empty($pconfig['rulesets'])) { $isrulesfolderempty = exec("ls -A {$snortdir}/rules/*.rules"); - if ($isrulesfolderempty == "") { + if ($isrulesfolderempty == "" || empty($pconfig['rulesets'])) { include_once("head.inc"); include_once("fbegin.inc"); @@ -96,7 +96,7 @@ if ($isrulesfolderempty == "") { <table id=\"maintable\" class=\"tabcont\" width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n <tr>\n <td>\n - # The rules directory is empty.\n + # The rules directory is empty or you have not selected any rules in the Categories tab.\n </td>\n </tr>\n </table>\n @@ -153,11 +153,12 @@ while (false !== ($filename = readdir($dh))) $files[] = basename($filename); } sort($files); +$categories = explode("||", $pconfig['rulesets']); if ($_GET['openruleset']) $rulefile = $_GET['openruleset']; else - $rulefile = $ruledir.$files[0]; + $rulefile = $ruledir.$categories[0]; //Load the rule file $splitcontents = load_rule_file($rulefile); @@ -278,6 +279,8 @@ function popup(url) <select id="selectbox" name="selectbox" class="formselect" onChange="go()"> <?php foreach ($files as $value) { + if (!in_array($value, $categories)) + continue; echo "<option value='?id={$id}&openruleset={$ruledir}{$value}' "; if ($value === $currentruleset) echo "selected"; @@ -396,11 +399,6 @@ function popup(url) </td> </tr> <tr> - <td colspan="9" class="listlr"> - <?php echo " <strong><span class='red'>There are {$counter} rules in this category. <br/><br/></span></strong>"; ?> - </td> - </tr> - <tr> <td colspan="9"> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> |