From 231e4a650644337d28007728073b5f36f7dcbd64 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Wed, 10 Apr 2013 21:10:57 -0400 Subject: Bump Snort pkg ver to 2.5.5 in Master Package Config --- pkg_config.8.xml | 2 +- pkg_config.8.xml.amd64 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 95d194a7..47b1d951 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -512,7 +512,7 @@ barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL;snort_UNSET=TARGETBASED PERFPROFILE REACT;snort_SET=DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITHOUT_TARGETBASED=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITHOUT_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true http://www.pfsense.com/packages/config/snort/snort.xml - 2.9.4.1 pkg v. 2.5.4 + 2.9.4.1 pkg v. 2.5.5 2.0 Stable /snort.xml diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 4d1c0e47..36f3f280 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -499,7 +499,7 @@ barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL;snort_UNSET=TARGETBASED PERFPROFILE REACT;snort_SET=DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITHOUT_TARGETBASED=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITHOUT_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true http://www.pfsense.com/packages/config/snort/snort.xml - 2.9.4.1 pkg v. 2.5.4 + 2.9.4.1 pkg v. 2.5.5 2.0 Stable /snort.xml -- cgit v1.2.3 From f98ad28bb5e6c4a364346228a68ef7cee45206d5 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Wed, 10 Apr 2013 21:12:33 -0400 Subject: Fix longstanding bug with enable/disable SID code --- config/snort/snort.inc | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index d8a7cc19..6bf73f24 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1457,9 +1457,17 @@ function snort_load_sid_mods($sids, $value) { /* This function parses the string of */ /* SID values in $sids and returns an */ /* array with the SID as the key and */ - /* passed $value as the value. The SID */ - /* values in $sids are assumed to be */ - /* delimited by "||". */ + /* value. The SID values in $sids are */ + /* assumed to be delimited by "||". */ + /* */ + /* $sids ==> string of SID values from */ + /* saved config file. */ + /* */ + /* $value ==> type of mod (enable or */ + /* disable). Not currently */ + /* utilized, but maintained */ + /* so as not to break legacy */ + /* code elsewhere. */ /*****************************************/ $result = array(); @@ -1468,7 +1476,7 @@ function snort_load_sid_mods($sids, $value) { $tmp = explode("||", $sids); foreach ($tmp as $v) { if (preg_match('/\s\d+/', $v, $match)) - $result[trim($match[0])] = $value; + $result[trim($match[0])] = trim($match[0]); } unset($tmp); @@ -1513,14 +1521,13 @@ function snort_modify_sids(&$rule_map, $snortcfg) { if (!empty($disablesid)) { foreach ($rule_map as $k1 => $rulem) { foreach ($rulem as $k2 => $v) { - if (in_array($k2, $disablesid) && $v['disabled'] == 0) { + if (in_array($k2, $disablesid) && $v['disabled'] == 0) { $rule_map[$k1][$k2]['rule'] = "# " . $v['rule']; $rule_map[$k1][$k2]['disabled'] = 1; } } } } - unset($enablesid, $disablesid); } -- cgit v1.2.3