aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc19
-rw-r--r--config/snort/snort_check_cron_misc.inc4
2 files changed, 11 insertions, 12 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 1c9c5cd6..b65569e4 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -44,7 +44,7 @@ require_once("filter.inc");
ini_set("memory_limit", "192M");
// Explicitly declare this as global so it works through function call includes
-global $rebuild_rules, $pfSense_snort_version;
+global $rebuild_rules;
// Grab the Snort binary version programmatically, but if that fails use a safe default
$snortver = array();
@@ -53,9 +53,8 @@ $snort_version = $snortver[0];
if (empty($snort_version))
$snort_version = "2.9.6.0";
-/* package version */
-$pfSense_snort_version = "3.0.5";
-$snort_package_version = "Snort {$snort_version} pkg v{$pfSense_snort_version}";
+/* get installed package version for display */
+$snort_package_version = "Snort {$config['installedpackages']['package'][get_pkg_id("snort")]['version']}";
// Define SNORTDIR and SNORTLIBDIR constants according to pfSense version
$pfs_version=substr(trim(file_get_contents("/etc/version")),0,3);
@@ -648,7 +647,7 @@ function snort_post_delete_logs($snort_uuid = 0) {
/* Clean-up stats file if enabled */
if ($value['perform_stat'] == 'on')
- file_put_contents("{$snort_log_dir}/{$if_real}.stats", "");
+ @file_put_contents("{$snort_log_dir}/{$if_real}.stats", "");
}
}
}
@@ -1628,7 +1627,7 @@ function snort_write_enforcing_rules_file($rule_map, $rule_path) {
/* If the $rule_map array is empty, then exit. */
if (empty($rule_map)) {
- file_put_contents($rule_file, "");
+ @file_put_contents($rule_file, "");
return;
}
@@ -2109,7 +2108,7 @@ function snort_deinstall() {
}
}
$config['widgets']['sequence'] = implode(",", $widgetlist);
- write_config();
+ write_config("Snort pkg: remove Snort Dashboard Widget on package deinstall.");
}
/* See if we are to clear blocked hosts on uninstall */
@@ -2199,7 +2198,7 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
$sd_tmp_new_file="";
foreach ($sd_tmp_file as $sd_tmp_line)
$sd_tmp_new_file.=preg_match("/$sdf_alert_pattern/i",$sd_tmp_line) ? $sd_tmp_line : "";
- file_put_contents("{$snortcfgdir}/preproc_rules/sensitive-data.rules",$sd_tmp_new_file,LOCK_EX);
+ @file_put_contents("{$snortcfgdir}/preproc_rules/sensitive-data.rules",$sd_tmp_new_file,LOCK_EX);
}
}
elseif ($snortcfg['sensitive_data'] != 'on' && $snortcfg['protect_preproc_rules'] != 'on') {
@@ -3541,7 +3540,7 @@ EOD;
// Check for and configure Host Attribute Table if enabled
$host_attrib_config = "";
if ($snortcfg['host_attribute_table'] == "on" && !empty($snortcfg['host_attribute_data'])) {
- file_put_contents("{$snortcfgdir}/host_attributes", base64_decode($snortcfg['host_attribute_data']));
+ @file_put_contents("{$snortcfgdir}/host_attributes", base64_decode($snortcfg['host_attribute_data']));
$host_attrib_config = "# Host Attribute Table #\n";
$host_attrib_config .= "attribute_table filename {$snortcfgdir}/host_attributes\n";
if (!empty($snortcfg['max_attribute_hosts']))
@@ -3778,7 +3777,7 @@ output alert_csv: alert timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,src
EOD;
// Write out snort.conf file
- file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text);
+ @file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text);
conf_mount_ro();
unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type);
unset($home_net, $external_net, $ipvardef, $portvardef);
diff --git a/config/snort/snort_check_cron_misc.inc b/config/snort/snort_check_cron_misc.inc
index 7b0cfe34..a5b9e65e 100644
--- a/config/snort/snort_check_cron_misc.inc
+++ b/config/snort/snort_check_cron_misc.inc
@@ -58,7 +58,7 @@ function snort_check_dir_size_limit($snortloglimitsize) {
// Truncate the Rules Update Log file if it exists
if (file_exists(RULES_UPD_LOGFILE)) {
log_error(gettext("[Snort] Truncating the Rules Update Log file..."));
- file_put_contents(RULES_UPD_LOGFILE, "");
+ @file_put_contents(RULES_UPD_LOGFILE, "");
}
// Clean-up the logs for each configured Snort instance
@@ -71,7 +71,7 @@ function snort_check_dir_size_limit($snortloglimitsize) {
// Truncate the alert log file if it exists
if (file_exists("{$snort_log_dir}/alert")) {
- file_put_contents("{$snort_log_dir}/alert", "");
+ @file_put_contents("{$snort_log_dir}/alert", "");
}
// This is needed if snort is run as snort user