aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort_interfaces.php1
-rw-r--r--config/snort/snort_migrate_config.php3
-rw-r--r--config/snort/snort_post_install.php19
3 files changed, 8 insertions, 15 deletions
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index 6a5a1aea..38471ef0 100755
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -69,6 +69,7 @@ if (isset($_POST['del_x'])) {
write_config("Snort pkg: deleted one or more Snort interfaces.");
sleep(2);
+ conf_mount_rw();
sync_snort_package_config();
conf_mount_ro();
header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
diff --git a/config/snort/snort_migrate_config.php b/config/snort/snort_migrate_config.php
index e8ba7028..9569c475 100644
--- a/config/snort/snort_migrate_config.php
+++ b/config/snort/snort_migrate_config.php
@@ -488,11 +488,10 @@ foreach ($rule as &$r) {
// Release reference to final array element
unset($r);
-// Write out the new configuration to disk if we changed anything
+// Log a message if we changed anything
if ($updated_cfg) {
$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.1.3";
log_error("[Snort] Saving configuration settings in new format...");
- write_config("Snort pkg: migrate existing settings to new format as part of package upgrade.");
log_error("[Snort] Settings successfully migrated to new configuration format...");
}
else
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php
index 8d1588d9..13191a44 100644
--- a/config/snort/snort_post_install.php
+++ b/config/snort/snort_post_install.php
@@ -73,7 +73,6 @@ $snortlibdir = SNORTLIBDIR;
$rcdir = RCFILEPREFIX;
$flowbit_rules_file = FLOWBITS_FILENAME;
$snort_enforcing_rules_file = SNORT_ENFORCING_RULES_FILENAME;
-$mounted_rw = FALSE;
/* Hard kill any running Snort processes that may have been started by any */
/* of the pfSense scripts such as check_reload_status() or rc.start_packages */
@@ -94,11 +93,8 @@ if(is_process_running("barnyard")) {
/* Set flag for post-install in progress */
$g['snort_postinstall'] = true;
-/* If not already, set Snort conf partition to read-write so we can make changes there */
-if (!is_subsystem_dirty('mount')) {
- conf_mount_rw();
- $mounted_rw = TRUE;
-}
+/* Set conf partition to read-write so we can make changes there */
+conf_mount_rw();
/* cleanup default files */
@rename("{$snortdir}/snort.conf-sample", "{$snortdir}/snort.conf");
@@ -135,7 +131,6 @@ if ($pkgid >= 0) {
log_error(gettext("[Snort] Removing legacy 'Dashboard Widget: Snort' package because the widget is now part of the Snort package."));
unset($config['installedpackages']['package'][$pkgid]);
unlink_if_exists("/usr/local/pkg/widget-snort.xml");
- write_config("Snort pkg: removed legacy Snort Dashboard Widget.");
}
/* Define a default Dashboard Widget Container for Snort */
@@ -175,8 +170,6 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
$fixed_duplicate = TRUE;
}
}
- if ($fixed_duplicate)
- write_config("Snort pkg: updated interface UUIDs to eliminate duplicates.");
unset($uuids);
}
/****************************************************************/
@@ -194,6 +187,7 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
include('/usr/local/pkg/snort/snort_check_for_rule_updates.php');
update_status(gettext("Generating snort.conf configuration file from saved settings..."));
$rebuild_rules = true;
+ conf_mount_rw();
/* Create the snort.conf files for each enabled interface */
$snortconf = $config['installedpackages']['snortglobal']['rule'];
@@ -259,9 +253,8 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
}
}
-/* We're finished with conf partition mods, return to read-only if we changed it */
-if ($mounted_rw == TRUE)
- conf_mount_ro();
+/* We're finished with conf partition mods, return to read-only */
+conf_mount_ro();
/* If an existing Snort Dashboard Widget container is not found, */
/* then insert our default Widget Dashboard container. */
@@ -270,7 +263,7 @@ if (stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE)
/* Update Snort package version in configuration */
$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.1.3";
-write_config("Snort pkg: post-install configuration saved.");
+write_config("Snort pkg v3.1.3: post-install configuration saved.");
/* Done with post-install, so clear flag */
unset($g['snort_postinstall']);