From 901d2606d5e64e4f49c3f99faa6c221e4cad6390 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Wed, 13 May 2015 23:58:49 -0400
Subject: Move log mgmt settings to global data instead of per interface.
---
 config/suricata/suricata_migrate_config.php | 160 +++++++++++++++++++++-------
 1 file changed, 123 insertions(+), 37 deletions(-)
diff --git a/config/suricata/suricata_migrate_config.php b/config/suricata/suricata_migrate_config.php
index 75e13315..afbedd94 100644
--- a/config/suricata/suricata_migrate_config.php
+++ b/config/suricata/suricata_migrate_config.php
@@ -94,6 +94,91 @@ if (empty($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enabl
 $updated_cfg = true;
 }
+/**********************************************************/
+/* Set default log size and retention limits if not set */
+/**********************************************************/
+if (!isset($config['installedpackages']['suricata']['config'][0]['alert_log_retention']) && $config['installedpackages']['suricata']['config'][0]['alert_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['alert_log_retention'] = "336";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['alert_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['alert_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['alert_log_limit_size'] = "500";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['block_log_retention']) && $config['installedpackages']['suricata']['config'][0]['block_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['block_log_retention'] = "336";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['block_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['block_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['block_log_limit_size'] = "500";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['dns_log_retention']) && $config['installedpackages']['suricata']['config'][0]['dns_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['dns_log_retention'] = "168";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['dns_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['dns_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['dns_log_limit_size'] = "750";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['eve_log_retention']) && $config['installedpackages']['suricata']['config'][0]['eve_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['eve_log_retention'] = "168";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['eve_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['eve_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['eve_log_limit_size'] = "5000";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['files_json_log_retention']) && $config['installedpackages']['suricata']['config'][0]['files_json_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['files_json_log_retention'] = "168";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['files_json_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['files_json_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['files_json_log_limit_size'] = "1000";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['http_log_retention']) && $config['installedpackages']['suricata']['config'][0]['http_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['http_log_retention'] = "168";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['http_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['http_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['http_log_limit_size'] = "1000";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['stats_log_retention']) && $config['installedpackages']['suricata']['config'][0]['stats_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['stats_log_retention'] = "168";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['stats_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['stats_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['stats_log_limit_size'] = "500";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['tls_log_retention']) && $config['installedpackages']['suricata']['config'][0]['tls_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['tls_log_retention'] = "336";
+ $updated_cfg = true;
+}
+if (!isset($config['installedpackages']['suricata']['config'][0]['tls_log_limit_size']) && $config['installedpackages']['suricata']['config'][0]['tls_log_limit_size'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['tls_log_limit_size'] = "500";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['file_store_retention']) && $config['installedpackages']['suricata']['config'][0]['file_store_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['file_store_retention'] = "168";
+ $updated_cfg = true;
+}
+
+if (!isset($config['installedpackages']['suricata']['config'][0]['u2_archive_log_retention']) && $config['installedpackages']['suricata']['config'][0]['u2_archive_log_retention'] != '0') {
+ $config['installedpackages']['suricata']['config'][0]['u2_archive_log_retention'] = "168";
+ $updated_cfg = true;
+}
+
 // Now process the interface-specific settings
 foreach ($rule as &$r) {
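Review bot: In every added test the second operand, e.g. `$config['installedpackages']['suricata']['config'][0]['alert_log_retention'] != '0'`, is reached only after `isset()` has returned false, so it reads a missing key, compares null with '0' and is always true; each condition reduces to `!isset(...)`. An explicit '0' is still preserved, but only because `isset()` is true for it, which the code never states. Dropping the dead operand and driving the eighteen blocks from one defaults table avoids the undefined-index read and keeps the limits in one reviewable place. The sketch below uses only the keys and values from this hunk.

```php
// Global log-management defaults; applied only where no value is stored yet.
$log_mgmt_defaults = array(
	'alert_log_retention' => "336",      'alert_log_limit_size' => "500",
	'block_log_retention' => "336",      'block_log_limit_size' => "500",
	'dns_log_retention' => "168",        'dns_log_limit_size' => "750",
	'eve_log_retention' => "168",        'eve_log_limit_size' => "5000",
	'files_json_log_retention' => "168", 'files_json_log_limit_size' => "1000",
	'http_log_retention' => "168",       'http_log_limit_size' => "1000",
	'stats_log_retention' => "168",      'stats_log_limit_size' => "500",
	'tls_log_retention' => "336",        'tls_log_limit_size' => "500",
	'file_store_retention' => "168",
	'u2_archive_log_retention' => "168",
);
foreach ($log_mgmt_defaults as $key => $value) {
	// isset() is true for a stored '0', so an explicit zero is left untouched.
	if (!isset($config['installedpackages']['suricata']['config'][0][$key])) {
		$config['installedpackages']['suricata']['config'][0][$key] = $value;
		$updated_cfg = true;
	}
}
// … unchanged: "Now process the interface-specific settings" loop …
```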
@@ -196,87 +281,88 @@ foreach ($rule as &$r) {
 }
 /******************************************************************/
- /* Create default log size and retention limits if not set */
+ /* Remove per interface default log size and retention limits */
+ /* if they were set by early bug. */
 /******************************************************************/
- if (!isset($pconfig['alert_log_retention']) && $pconfig['alert_log_retention'] != '0') {
- $pconfig['alert_log_retention'] = "336";
+ if (isset($pconfig['alert_log_retention'])) {
+ unset($pconfig['alert_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['alert_log_limit_size']) && $pconfig['alert_log_limit_size'] != '0') {
- $pconfig['alert_log_limit_size'] = "500";
+ if (isset($pconfig['alert_log_limit_size'])) {
+ unset($pconfig['alert_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['block_log_retention']) && $pconfig['block_log_retention'] != '0') {
- $pconfig['block_log_retention'] = "336";
+ if (isset($pconfig['block_log_retention'])) {
+ unset($pconfig['block_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['block_log_limit_size']) && $pconfig['block_log_limit_size'] != '0') {
- $pconfig['block_log_limit_size'] = "500";
+ if (isset($pconfig['block_log_limit_size'])) {
+ unset($pconfig['block_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['dns_log_retention']) && $pconfig['dns_log_retention'] != '0') {
- $pconfig['dns_log_retention'] = "168";
+ if (isset($pconfig['dns_log_retention'])) {
+ unset($pconfig['dns_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['dns_log_limit_size']) && $pconfig['dns_log_limit_size'] != '0') {
- $pconfig['dns_log_limit_size'] = "750";
+ if (isset($pconfig['dns_log_limit_size'])) {
+ unset($pconfig['dns_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['eve_log_retention']) && $pconfig['eve_log_retention'] != '0') {
- $pconfig['eve_log_retention'] = "168";
+ if (isset($pconfig['eve_log_retention'])) {
+ unset($pconfig['eve_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['eve_log_limit_size']) && $pconfig['eve_log_limit_size'] != '0') {
- $pconfig['eve_log_limit_size'] = "5000";
+ if (isset($pconfig['eve_log_limit_size'])) {
+ unset($pconfig['eve_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['files_json_log_retention']) && $pconfig['files_json_log_retention'] != '0') {
- $pconfig['files_json_log_retention'] = "168";
+ if (isset($pconfig['files_json_log_retention'])) {
+ unset($pconfig['files_json_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['files_json_log_limit_size']) && $pconfig['files_json_log_limit_size'] != '0') {
- $pconfig['files_json_log_limit_size'] = "1000";
+ if (isset($pconfig['files_json_log_limit_size'])) {
+ unset($pconfig['files_json_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['http_log_retention']) && $pconfig['http_log_retention'] != '0') {
- $pconfig['http_log_retention'] = "168";
+ if (isset($pconfig['http_log_retention'])) {
+ unset($pconfig['http_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['http_log_limit_size']) && $pconfig['http_log_limit_size'] != '0') {
- $pconfig['http_log_limit_size'] = "1000";
+ if (isset($pconfig['http_log_limit_size'])) {
+ unset($pconfig['http_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['stats_log_retention']) && $pconfig['stats_log_retention'] != '0') {
- $pconfig['stats_log_retention'] = "168";
+ if (isset($pconfig['stats_log_retention'])) {
+ unset($pconfig['stats_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['stats_log_limit_size']) && $pconfig['stats_log_limit_size'] != '0') {
- $pconfig['stats_log_limit_size'] = "500";
+ if (isset($pconfig['stats_log_limit_size'])) {
+ unset($pconfig['stats_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['tls_log_retention']) && $pconfig['tls_log_retention'] != '0') {
- $pconfig['tls_log_retention'] = "336";
+ if (isset($pconfig['tls_log_retention'])) {
+ unset($pconfig['tls_log_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['tls_log_limit_size']) && $pconfig['tls_log_limit_size'] != '0') {
- $pconfig['tls_log_limit_size'] = "500";
+ if (isset($pconfig['tls_log_limit_size'])) {
+ unset($pconfig['tls_log_limit_size']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['file_store_retention']) && $pconfig['file_store_retention'] != '0') {
- $pconfig['file_store_retention'] = "168";
+ if (isset($pconfig['file_store_retention'])) {
+ unset($pconfig['file_store_retention']);
 $updated_cfg = true;
 }
- if (!isset($pconfig['u2_archive_log_retention']) && $pconfig['u2_archive_log_retention'] != '0') {
- $pconfig['u2_archive_log_retention'] = "168";
+ if (isset($pconfig['u2_archive_log_retention'])) {
+ unset($pconfig['u2_archive_log_retention']);
 $updated_cfg = true;
 }
-- 
cgit v1.2.3
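Review bot: Each `unset()` in this block discards the per-interface value without looking at it, so an interface whose retention or size limit differs from the old seeded default silently ends up on the global default written earlier in this commit. The header comment attributes these keys to an early bug, but nothing visible here checks that assumption, and alert and block logs are what an investigation relies on, so a changed retention should leave a trace. I would extend the comment to say so, e.g. `/* Any per-interface value is dropped, including one edited by hand; the global limits apply from here on. */`, and consider recording the key whenever the discarded value is not the old default. `$pconfig` is assigned and the `foreach` body closes outside this hunk, so how the removal is written back cannot be checked from here.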