diff options
Diffstat (limited to 'config/snort')
-rwxr-xr-x | config/snort/snort.inc | 19 | ||||
-rw-r--r-- | config/snort/snort_check_cron_misc.inc | 4 |
2 files changed, 11 insertions, 12 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 1c9c5cd6..b65569e4 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -44,7 +44,7 @@ require_once("filter.inc"); ini_set("memory_limit", "192M"); // Explicitly declare this as global so it works through function call includes -global $rebuild_rules, $pfSense_snort_version; +global $rebuild_rules; // Grab the Snort binary version programmatically, but if that fails use a safe default $snortver = array(); @@ -53,9 +53,8 @@ $snort_version = $snortver[0]; if (empty($snort_version)) $snort_version = "2.9.6.0"; -/* package version */ -$pfSense_snort_version = "3.0.5"; -$snort_package_version = "Snort {$snort_version} pkg v{$pfSense_snort_version}"; +/* get installed package version for display */ +$snort_package_version = "Snort {$config['installedpackages']['package'][get_pkg_id("snort")]['version']}"; // Define SNORTDIR and SNORTLIBDIR constants according to pfSense version $pfs_version=substr(trim(file_get_contents("/etc/version")),0,3); @@ -648,7 +647,7 @@ function snort_post_delete_logs($snort_uuid = 0) { /* Clean-up stats file if enabled */ if ($value['perform_stat'] == 'on') - file_put_contents("{$snort_log_dir}/{$if_real}.stats", ""); + @file_put_contents("{$snort_log_dir}/{$if_real}.stats", ""); } } } @@ -1628,7 +1627,7 @@ function snort_write_enforcing_rules_file($rule_map, $rule_path) { /* If the $rule_map array is empty, then exit. */ if (empty($rule_map)) { - file_put_contents($rule_file, ""); + @file_put_contents($rule_file, ""); return; } @@ -2109,7 +2108,7 @@ function snort_deinstall() { } } $config['widgets']['sequence'] = implode(",", $widgetlist); - write_config(); + write_config("Snort pkg: remove Snort Dashboard Widget on package deinstall."); } /* See if we are to clear blocked hosts on uninstall */ @@ -2199,7 +2198,7 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) { $sd_tmp_new_file=""; foreach ($sd_tmp_file as $sd_tmp_line) $sd_tmp_new_file.=preg_match("/$sdf_alert_pattern/i",$sd_tmp_line) ? $sd_tmp_line : ""; - file_put_contents("{$snortcfgdir}/preproc_rules/sensitive-data.rules",$sd_tmp_new_file,LOCK_EX); + @file_put_contents("{$snortcfgdir}/preproc_rules/sensitive-data.rules",$sd_tmp_new_file,LOCK_EX); } } elseif ($snortcfg['sensitive_data'] != 'on' && $snortcfg['protect_preproc_rules'] != 'on') { @@ -3541,7 +3540,7 @@ EOD; // Check for and configure Host Attribute Table if enabled $host_attrib_config = ""; if ($snortcfg['host_attribute_table'] == "on" && !empty($snortcfg['host_attribute_data'])) { - file_put_contents("{$snortcfgdir}/host_attributes", base64_decode($snortcfg['host_attribute_data'])); + @file_put_contents("{$snortcfgdir}/host_attributes", base64_decode($snortcfg['host_attribute_data'])); $host_attrib_config = "# Host Attribute Table #\n"; $host_attrib_config .= "attribute_table filename {$snortcfgdir}/host_attributes\n"; if (!empty($snortcfg['max_attribute_hosts'])) @@ -3778,7 +3777,7 @@ output alert_csv: alert timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,src EOD; // Write out snort.conf file - file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text); + @file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text); conf_mount_ro(); unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type); unset($home_net, $external_net, $ipvardef, $portvardef); diff --git a/config/snort/snort_check_cron_misc.inc b/config/snort/snort_check_cron_misc.inc index 7b0cfe34..a5b9e65e 100644 --- a/config/snort/snort_check_cron_misc.inc +++ b/config/snort/snort_check_cron_misc.inc @@ -58,7 +58,7 @@ function snort_check_dir_size_limit($snortloglimitsize) { // Truncate the Rules Update Log file if it exists if (file_exists(RULES_UPD_LOGFILE)) { log_error(gettext("[Snort] Truncating the Rules Update Log file...")); - file_put_contents(RULES_UPD_LOGFILE, ""); + @file_put_contents(RULES_UPD_LOGFILE, ""); } // Clean-up the logs for each configured Snort instance @@ -71,7 +71,7 @@ function snort_check_dir_size_limit($snortloglimitsize) { // Truncate the alert log file if it exists if (file_exists("{$snort_log_dir}/alert")) { - file_put_contents("{$snort_log_dir}/alert", ""); + @file_put_contents("{$snort_log_dir}/alert", ""); } // This is needed if snort is run as snort user |