Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc43
-rw-r--r--config/snort/snort_barnyard.php1
-rwxr-xr-xconfig/snort/snort_interfaces.php9
-rwxr-xr-xconfig/snort/snort_interfaces_edit.php4
-rw-r--r--config/snort/snort_post_install.php4
5 files changed, 42 insertions, 19 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index bf2af306..75153efb 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -1039,21 +1039,23 @@ function sync_snort_package_config() {
conf_mount_rw();
+ $pkg_serv = &$config['installedpackages']['service'];
+ if (!is_array($pkg_serv))
+ $pkg_serv = array();
+
/* do not start config build if rules is empty or there are no Snort settings */
if (!is_array($config['installedpackages']['snortglobal']) || !is_array($config['installedpackages']['snortglobal']['rule'])) {
conf_mount_ro();
// Make sure no lingering <service> entries exist for Snort interfaces
$is_dirty = FALSE;
- if (!is_array($config['installedpackges']['service']))
- $config['installedpackages']['service'] = array();
- foreach ($config['installedpackages']['service'] as $key => $service) {
+ foreach ($pkg_serv as $key => $service) {
if (strpos($service['name'], "snort_") !== FALSE) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
$is_dirty = TRUE;
}
if (strpos($service['name'], "barnyard2_") !== FALSE) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
$is_dirty = TRUE;
}
}
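Review bot: The cleanup loop tests `strpos($service['name'], "snort_") !== FALSE`, which is true when the substring occurs anywhere in the name, so a `<service>` entry from another package whose name merely contains `snort_` or `barnyard2_` would also be unset through `$pkg_serv`. The entries this package creates are named `"snort_" . strtolower($value['interface'])`, so anchoring the test to the start of the name is enough: `if (strpos($service['name'], "snort_") === 0) {`, and likewise for `barnyard2_`. The same pattern appears in the `snort_deinstall()` hunk further down. A one-line comment above `$pkg_serv = &$config['installedpackages']['service'];` saying that the reference is what makes `unset($pkg_serv[$key])` act on `$config` would also help, since the function body continues outside the hunk.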
@@ -1068,16 +1070,16 @@ function sync_snort_package_config() {
/* Skip configuration of any disabled interface */
/* after removing its custom service entry. */
if ($value['enable'] != 'on') {
- foreach ($config['installedpackages']['service'] as $key => $service) {
+ foreach ($pkg_serv as $key => $service) {
if (isset($service['uuid']) && $service['uuid'] == $value['uuid'] &&
$service['name'] == "snort_" . strtolower($value['interface'])) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
unlink_if_exists("{$g['varrun_path']}/snort_{$uuid}.disabled");
$is_dirty = TRUE;
}
if (isset($service['uuid']) && $service['uuid'] == $value['uuid'] &&
$service['name'] == "barnyard2_" . strtolower($value['interface'])) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
unlink_if_exists("{$g['varrun_path']}/barnyard2_{$uuid}.disabled");
$is_dirty = TRUE;
}
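Review bot: The marker paths in this block are built from `$uuid` while the match just above them uses `$value['uuid']`, and no assignment of `$uuid` is visible here (the enclosing loop starts outside the hunk). If `$uuid` is unset or stale at this point, `unlink_if_exists()` targets `snort_.disabled` or another interface's marker and the intended file is left behind. Reusing the value already compared removes the doubt: `unlink_if_exists("{$g['varrun_path']}/snort_{$value['uuid']}.disabled");`. The same question applies to the added `unset($pkg_serv[$byid]);` block in the later hunk of this function, and to the added `touch("{$g['varrun_path']}/barnyard2_{$uuid}.disabled");` in snort_barnyard.php, where the neighbouring lines index `$a_nat[$id]` instead.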
@@ -1097,7 +1099,7 @@ function sync_snort_package_config() {
/* create a <service> entry for interface */
$snort_found = FALSE;
$barnyard_found = FALSE;
- foreach ($config['installedpackages']['service'] as $service) {
+ foreach ($pkg_serv as $key => $service) {
if (isset($service['uuid']) && $service['uuid'] == $value['uuid'] &&
$service['name'] == "snort_" . strtolower($value['interface'])) {
$snort_found = TRUE;
@@ -1105,8 +1107,20 @@ function sync_snort_package_config() {
if (isset($service['uuid']) && $service['uuid'] == $value['uuid'] &&
$service['name'] == "barnyard2_" . strtolower($value['interface'])) {
$barnyard_found = TRUE;
+ $byid = $key;
}
}
+
+ // If we found a configured Barnyard2 service for this interface,
+ // but Barnyard2 is disabled, remove the Barnyard2 service entry.
+ if ($barnyard_found && $value['barnyard_enable'] != "on") {
+ unset($pkg_serv[$byid]);
+ unlink_if_exists("{$g['varrun_path']}/barnyard2_{$uuid}.disabled");
+ $is_dirty = TRUE;
+ }
+
+ // If we did not find configured services for enabled Snort and
+ // Barnyard2 interfaces, then create them.
if (!$snort_found) {
$service = array();
$service['name'] = "snort_" . strtolower($value['interface']);
@@ -3026,17 +3040,18 @@ function snort_deinstall() {
/* Remove our custom <service> entries from config */
$is_dirty = FALSE;
- if (!is_array($config['installedpackges']['service']))
- $config['installedpackages']['service'] = array();
- foreach ($config['installedpackages']['service'] as $key => $service) {
+ $pkg_serv = &$config['installedpackages']['service'];
+ if (!is_array($pkg_serv))
+ $pkg_serv = array();
+ foreach ($pkg_serv as $key => $service) {
if (strpos($service['name'], "snort_") !== FALSE) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
unlink_if_exists("{$g['varrun_path']}/snort_{$service['uuid']}.disabled");
$is_dirty = TRUE;
continue;
}
if (strpos($service['name'], "barnyard2_") !== FALSE) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
unlink_if_exists("{$g['varrun_path']}/barnyard2_{$service['uuid']}.disabled");
$is_dirty = TRUE;
}
diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php
index 4943f981..3f3d8ae5 100644
--- a/config/snort/snort_barnyard.php
+++ b/config/snort/snort_barnyard.php
@@ -98,6 +98,7 @@ if ($_POST['save']) {
if ($_POST['barnyard_enable'] != 'on') {
$a_nat[$id]['barnyard_enable'] = 'off';
write_config("Snort pkg: modified Barnyard2 settings.");
+ touch("{$g['varrun_path']}/barnyard2_{$uuid}.disabled");
snort_barnyard_stop($a_nat[$id], get_real_interface($a_nat[$id]['interface']));
// No need to rebuild rules for Barnyard2 changes
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index 51eef308..04e6dae0 100755
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -52,18 +52,21 @@ if (isset($_POST['del_x'])) {
/* Delete selected Snort interfaces */
if (is_array($_POST['rule'])) {
conf_mount_rw();
+ $pkg_serv = &$config['installedpackages']['service'];
+ if (!is_array($pkg_serv))
+ $pkg_serv = array();
foreach ($_POST['rule'] as $rulei) {
$if_real = get_real_interface($a_nat[$rulei]['interface']);
$snort_uuid = $a_nat[$rulei]['uuid'];
- foreach ($config['installedpackages']['service'] as $key => $service) {
+ foreach ($pkg_serv as $key => $service) {
if (isset($service['uuid']) && $service['uuid'] == $snort_uuid &&
$service['name'] == "snort_" . strtolower($a_nat[$rulei]['interface'])) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
unlink_if_exists("{$g['varrun_path']}/snort_{$snort_uuid}.disabled");
}
if (isset($service['uuid']) && $service['uuid'] == $snort_uuid &&
$service['name'] == "barnyard2_" . strtolower($a_nat[$rulei]['interface'])) {
- unset($config['installedpackages']['service'][$key]);
+ unset($pkg_serv[$key]);
unlink_if_exists("{$g['varrun_path']}/barnyard2_{$snort_uuid}.disabled");
}
}
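Review bot: `$rulei` is taken directly from `$_POST['rule']` and used to index `$a_nat` with no check that the entry exists, so for an unknown index `$snort_uuid` is NULL and the name being compared is just `snort_`. The `isset($service['uuid'])` guard makes an accidental match unlikely, but the loop still calls `get_real_interface()` and builds marker paths from empty values. A guard at the top of the loop keeps the delete path limited to configured interfaces: `if (!isset($a_nat[$rulei])) continue;`. The loop body continues outside the hunk, so a later check may already exist there.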
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index cc785725..1b412d31 100755
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -165,6 +165,8 @@ if ($_POST["save"] && !$input_errors) {
// save the change, and exit.
if ($_POST['enable'] != 'on') {
$a_rule[$id]['enable'] = $_POST['enable'] ? 'on' : 'off';
+ touch("{$g['varrun_path']}/snort_{$a_rule[$id]['uuid']}.disabled");
+ touch("{$g['varrun_path']}/barnyard2_{$a_rule[$id]['uuid']}.disabled");
snort_stop($a_rule[$id], get_real_interface($a_rule[$id]['interface']));
write_config("Snort pkg: modified interface configuration for {$a_rule[$id]['interface']}.");
$rebuild_rules = false;
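Review bot: Inside the `$_POST['enable'] != 'on'` branch the stored value is `$_POST['enable'] ? 'on' : 'off'`, so any non-empty value other than `on` saves the interface as enabled while this branch stops Snort and now also creates both `.disabled` markers. That leaves the saved configuration and the running state disagreeing for an IDS interface. The branch is only reached when the interface is being disabled, so `$a_rule[$id]['enable'] = 'off';` states the intent directly. The block this sits in starts and ends outside the hunk.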
@@ -225,6 +227,7 @@ if ($_POST["save"] && !$input_errors) {
$oif_real = get_real_interface($a_rule[$id]['interface']);
if (snort_is_running($a_rule[$id]['uuid'], $oif_real)) {
touch("{$g['varrun_path']}/snort_{$a_rule[$id]['uuid']}.disabled");
+ touch("{$g['varrun_path']}/barnyard2_{$a_rule[$id]['uuid']}.disabled");
snort_stop($a_rule[$id], $oif_real);
$snort_start = true;
}
@@ -401,6 +404,7 @@ if ($_POST["save"] && !$input_errors) {
if ($snort_start == true) {
snort_start($natent, $if_real);
unlink_if_exists("{$g['varrun_path']}/snort_{$natent['uuid']}.disabled");
+ unlink_if_exists("{$g['varrun_path']}/barnyard2_{$natent['uuid']}.disabled");
}
/*******************************************************/
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php
index bbdbe476..36a54298 100644
--- a/config/snort/snort_post_install.php
+++ b/config/snort/snort_post_install.php
@@ -194,7 +194,7 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
$if_real = get_real_interface($snortcfg['interface']);
$snort_uuid = $snortcfg['uuid'];
$snortcfgdir = "{$snortdir}/snort_{$snort_uuid}_{$if_real}";
- update_output_window(gettext("Generating configuration for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface'])));
+ update_output_window(gettext("Generating configuration for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "..."));
// Pull in the PHP code that generates the snort.conf file
// variables that will be substituted further down below.
@@ -295,7 +295,7 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
continue;
$if_real = get_real_interface($snortcfg['interface']);
$snort_uuid = $snortcfg['uuid'];
- update_output_window(gettext("Snort starting on " . convert_friendly_interface_to_friendly_descr($snortcfg['interface'])));
+ update_output_window(gettext("Snort starting on " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "..."));
log_error("[Snort] Snort START for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "({$if_real})...");
mwexec_bg("/usr/local/bin/snort -R {$snort_uuid} -D -q -l {$snortlogdir}/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}");
if ($snortcfg['barnyard_enable'] == 'on')