aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata
diff options
context:
space:
mode:
Diffstat (limited to 'config/suricata')
-rw-r--r--config/suricata/suricata.inc11
-rw-r--r--config/suricata/suricata_post_install.php6
-rw-r--r--config/suricata/suricata_uninstall.php2
3 files changed, 14 insertions, 5 deletions
diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc
index a2be802a..53dc678f 100644
--- a/config/suricata/suricata.inc
+++ b/config/suricata/suricata.inc
@@ -589,8 +589,15 @@ function suricata_rm_blocked_install_cron($should_install) {
$suricata_rm_blocked_expire = "2419200";
}
- $command = "/usr/bin/nice -n20 /sbin/pfctl -t {$suri_pf_table} -T expire {$suricata_rm_blocked_expire}";
- install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
+ // First, remove any existing cron task for "rm_blocked" hosts
+ install_cron_job("pfctl -t {$suri_pf_table} -T expire" , false);
+
+ // Now add or update the cron task for "rm_blocked" hosts
+ // if enabled.
+ if ($should_install) {
+ $command = "/usr/bin/nice -n20 /sbin/pfctl -t {$suri_pf_table} -T expire {$suricata_rm_blocked_expire}";
+ install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
+ }
}
function sync_suricata_package_config() {
diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php
index 4d5454d5..91866982 100644
--- a/config/suricata/suricata_post_install.php
+++ b/config/suricata/suricata_post_install.php
@@ -110,8 +110,8 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] =
suricata_create_rc();
// Set Log Limit, Block Hosts Time and Rules Update Time
- suricata_loglimit_install_cron();
-// suricata_rm_blocked_install_cron($config['installedpackages']['suricata']['config'][0]['rm_blocked'] != "never_b" ? true : false);
+ suricata_loglimit_install_cron(true);
+ suricata_rm_blocked_install_cron($config['installedpackages']['suricata']['config'][0]['rm_blocked'] != "never_b" ? true : false);
suricata_rules_up_install_cron($config['installedpackages']['suricata']['config'][0]['autoruleupdate'] != "never_up" ? true : false);
// Add the recurring jobs created above to crontab
@@ -138,7 +138,7 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] =
}
// Update Suricata package version in configuration
-$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "v0.3-BETA";
+$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "v1.0.1";
write_config();
// Done with post-install, so clear flag
diff --git a/config/suricata/suricata_uninstall.php b/config/suricata/suricata_uninstall.php
index b8ea6097..558069be 100644
--- a/config/suricata/suricata_uninstall.php
+++ b/config/suricata/suricata_uninstall.php
@@ -35,6 +35,7 @@ $suricatadir = SURICATADIR;
$suricatalogdir = SURICATALOGDIR;
$rcdir = RCFILEPREFIX;
$suricata_rules_upd_log = RULES_UPD_LOGFILE;
+$suri_pf_table = SURICATA_PF_TABLE;
log_error(gettext("[Suricata] Suricata package uninstall in progress..."));
@@ -64,6 +65,7 @@ mwexec('/usr/sbin/pw userdel suricata; /usr/sbin/pw groupdel suricata', true);
/* Remove the Suricata cron jobs. */
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/www/suricata/suricata_check_for_rule_updates.php", false);
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc", false);
+install_cron_job("pfctl -t {$suri_pf_table} -T expire" , false);
/* See if we are to keep Suricata log files on uninstall */
if ($config['installedpackages']['suricata']['config'][0]['clearlogs'] == 'on') {