2 files changed, 40 insertions, 9 deletions

diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
index 8773cac6..e27d8e4a 100644
--- a/packages/snort/snort.inc
+++ b/packages/snort/snort.inc
@@ -27,14 +27,12 @@
 	POSSIBILITY OF SUCH DAMAGE.
 */
 
-$snort_conf_file = "/usr/local/etc/snort/snort.conf";
-
 /* define oinkid */
 if($config['installedpackages']['snort'])
 	$oinkid = $config['installedpackages']['snort']['config'][0]['oinkmastercode'];
 
 function sync_package_snort() {
-	global $config, $g, $snort_conf_file;
+	global $config, $g;
 	conf_mount_rw();
 	exec("/bin/mkdir -p /usr/local/etc/snort");
 	exec("/bin/mkdir -p /var/log/snort");
@@ -68,7 +66,7 @@ function sync_package_snort() {
 	$start  = "/bin/mkdir -p /var/log/snort";
 
 	/* start snort */
-	$start .= ";snort -c {$snort_conf_file} -l /var/log/snort {$ifaces_final} -A full -D";
+	$start .= ";snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort {$ifaces_final} -A full -D";
 
 	/* if block offenders is checked, start snort2c */
 	if($_POST['blockoffenders'])
@@ -90,13 +88,13 @@ function sync_package_snort() {
 }
 
 function create_snort_conf() {
-	global $config, $g, $snort_conf_file;
+	global $config, $g;
 	/* write out snort.conf */
 	$snort_conf_text = generate_snort_conf();
 	conf_mount_rw();
-	$conf = fopen($snort_conf_file, "w");
+	$conf = fopen("/usr/local/etc/snort/snort.conf", "w");
 	if(!$conf) {
-		log_error("Could not open {$snort_conf_file} for writing.");
+		log_error("Could not open /usr/local/etc/snort/snort.conf for writing.");
 		exit;
 	}
 	fwrite($conf, $snort_conf_text);
@@ -105,7 +103,7 @@ function create_snort_conf() {
 }
 
 function generate_snort_conf() {
-	global $config, $g, $snort_conf_file;
+	global $config, $g;
 	conf_mount_rw();
 	/* obtain external interface */
 	/* XXX: make multi wan friendly */
diff --git a/packages/snort/snort_dynamic_ip_reload.php b/packages/snort/snort_dynamic_ip_reload.php
index 0403ea31..5d88be69 100644
--- a/packages/snort/snort_dynamic_ip_reload.php
+++ b/packages/snort/snort_dynamic_ip_reload.php
@@ -1,8 +1,40 @@
+<?php
 
-require("/usr/local/pkg/snort.inc");
+/* $Id$ */
+/*
+	snort_dynamic_ip_reload.php
+	Copyright (C) 2006 Scott Ullrich
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* NOTE: this file gets included from the pfSense filter.inc plugin process */
 
 log_error("[SNORT] Snort_dynamic_ip_reload.php is starting.");
 
+require_once("/usr/local/pkg/snort.inc");
+require_once("service-utils.inc");
+
 if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
    $config['interfaces']['wan']['ipaddr'] == "dhcp") {
 		log_error("Snort has detected a dynamic wan address. Reloading configuration.");
@@ -14,3 +46,4 @@ if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
 
 log_error("[SNORT] Snort_dynamic_ip_reload.php is ending.");
 
+?>
\ No newline at end of file