From 6cabee346e055501e39886fb2b3fddbb4799fcdb Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Tue, 9 Apr 2013 17:45:03 -0400
Subject: Add tip to restart Snort after making changes on page.

---
 config/snort/snort_barnyard.php             |  6 +++---
 config/snort/snort_interfaces_suppress.php  |  6 +++---
 config/snort/snort_interfaces_whitelist.php | 11 ++++++++---
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php
index ccbe3c26..21763745 100644
--- a/config/snort/snort_barnyard.php
+++ b/config/snort/snort_barnyard.php
@@ -173,10 +173,10 @@ function enable_change(enable_change) {
 					<?php echo gettext("This will enable barnyard2 for this interface. You will also have to set the database credentials."); ?></td>
 			</tr>
 			<tr>
-				<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Mysql Settings"); ?></td>
+				<td colspan="2" valign="top" class="listtopic"><?php echo gettext("MySQL Settings"); ?></td>
 			</tr>
 			<tr>
-				<td width="22%" valign="top" class="vncell"><?php echo gettext("Log to a Mysql Database"); ?></td>
+				<td width="22%" valign="top" class="vncell"><?php echo gettext("Log to a MySQL Database"); ?></td>
 				<td width="78%" class="vtable"><input name="barnyard_mysql"
 					type="text" class="formfld" id="barnyard_mysql" size="100"
 					value="<?=htmlspecialchars($pconfig['barnyard_mysql']);?>"> <br>
@@ -207,7 +207,7 @@ function enable_change(enable_change) {
 				<td width="22%" valign="top">&nbsp;</td>
 				<td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span>
 				<br>
-				<?php echo gettext("Please save your settings befor you click start."); ?> </td>
+				<?php echo gettext("Please save your settings before you click start."); ?> </td>
 			</tr>
 		</table>
 
diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php
index 93d3f2dc..32f2f6ba 100644
--- a/config/snort/snort_interfaces_suppress.php
+++ b/config/snort/snort_interfaces_suppress.php
@@ -134,10 +134,10 @@ if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
 </table>
 </td></tr>
 <tr>
-	<td colspan="3" width="100%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span>
+	<td colspan="3" width="100%"><br/><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span>
 	<p><span class="vexpl"><?php echo gettext("Here you can create event filtering and " .
-	"suppression for your snort package rules."); ?><br>
-	<?php echo gettext("Please note that you must restart a running rule so that changes can " .
+	"suppression for your snort package rules."); ?><br/><br/>
+	<?php echo gettext("Please note that you must restart a running Interface so that changes can " .
 	"take effect."); ?></span></p></td>
 </tr>
 </table>
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php
index f90cbe1f..a925ad45 100644
--- a/config/snort/snort_interfaces_whitelist.php
+++ b/config/snort/snort_interfaces_whitelist.php
@@ -154,15 +154,20 @@ if ($savemsg) print_info_box($savemsg);
 	</tr>
 </table>
 <br>
-<table width="100%" border="0" cellpadding="0"
-	cellspacing="0">
+<table width="100%" border="0" cellpadding="1"
+	cellspacing="1">
+	<tr>
 	<td width="100%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span>
 	<p><span class="vexpl"><?php echo gettext("Here you can create whitelist files for your " .
 	"snort package rules."); ?><br>
 	<?php echo gettext("Please add all the ips or networks you want to protect against snort " .
 	"block decisions."); ?><br>
 	<?php echo gettext("Remember that the default whitelist only includes local networks."); ?><br>
-	<?php echo gettext("Be careful, it is very easy to get locked out of you system."); ?></span></p></td>
+	<?php echo gettext("Be careful, it is very easy to get locked out of your system."); ?></span></p></td>
+	</tr>
+	<tr>
+	<td width="100%"><span class="vexpl"><?php echo gettext("Remember you must restart Snort on the interface for changes to take effect!"); ?></span></td>
+	</tr>
 </table>
 </form>
 <?php include("fend.inc"); ?>
-- 
cgit v1.2.3


From 31905aef52131b7067441f8f7902b343a4588f72 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Tue, 9 Apr 2013 20:10:36 -0400
Subject: Update Snort to 2.5.5 - New features and bug fixes

---
 config/snort/snort.inc                        | 331 +++++++++++++++----
 config/snort/snort.xml                        |  10 +-
 config/snort/snort_check_for_rule_updates.php | 459 ++++++++++++++++++--------
 config/snort/snort_define_servers.php         |   4 +-
 config/snort/snort_download_updates.php       |  77 +++--
 config/snort/snort_interfaces.php             |   8 +-
 config/snort/snort_interfaces_edit.php        |  27 +-
 config/snort/snort_interfaces_global.php      | 147 +++++----
 config/snort/snort_log_view.php               |  86 +++++
 config/snort/snort_preprocessors.php          | 103 ++++--
 config/snort/snort_rules.php                  |  39 ++-
 config/snort/snort_rules_edit.php             |  10 +-
 config/snort/snort_rulesets.php               | 155 ++++++---
 13 files changed, 1076 insertions(+), 380 deletions(-)
 create mode 100644 config/snort/snort_log_view.php

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 27d0b7e5..d8a7cc19 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -37,17 +37,46 @@ require_once("functions.inc");
 // Needed on 2.0 because of filter_get_vpns_list()
 require_once("filter.inc");
 
+// Explicitly declare these as global so they work through function call includes 
+global $snort_rules_file, $snort_version, $emerging_threats_version, $snort_rules_upd_log;
+global $flowbit_rules_file, $snort_enforcing_rules_file, $rebuild_rules, $is_postinstall;
+global $snort_community_rules_filename, $snort_community_rules_url, $emergingthreats_filename;
+
 /* package version */
 $snort_version = "2.9.4.1";
-$pfSense_snort_version = "2.5.4";
+$pfSense_snort_version = "2.5.5";
 $snort_package_version = "Snort {$snort_version} pkg v. {$pfSense_snort_version}";
+
+// Define SNORTDIR and SNORTLIBDIR constants according to FreeBSD version (PBI support or no PBI)
+if (floatval(php_uname("r")) >= 8.3) {
+	exec("/usr/local/sbin/pbi_info | grep 'snort-{$snort_version}' | xargs /usr/local/sbin/pbi_info | awk '/Prefix/ {print $2}'",$pbidirarray);
+	$snort_pbidir = "{$pbidirarray[0]}";
+	define("SNORTDIR", "{$snort_pbidir}/etc/snort");
+	define("SNORTLIBDIR", "{$snort_pbidir}/lib/snort");
+}
+else {
+	define("SNORTDIR", "/usr/local/etc/snort");
+	define("SNORTLIBDIR", "/usr/local/lib/snort");
+}
+
+define("SNORTLOGDIR", "/var/log/snort");
+
+/* Important file definitions */
 $snort_rules_file = "snortrules-snapshot-2941.tar.gz";
 $emerging_threats_version = "2.9.0";
+$emergingthreats_filename = "emerging.rules.tar.gz";
+$snort_community_rules_url = "https://s3.amazonaws.com/snort-org/www/rules/community/";
+$snort_community_rules_filename = "community-rules.tar.gz";
 $flowbit_rules_file = "flowbit-required.rules";
 $snort_enforcing_rules_file = "snort.rules";
+$snort_rules_upd_log = SNORTLOGDIR;
+$snort_rules_upd_log .= "/snort_rules_update.log";
 
-define("SNORTDIR", "/usr/local/etc/snort");
-define("SNORTLOGDIR", "/var/log/snort");
+/* Rebuild Rules Flag -- if "on", rebuild enforcing rules and flowbit-rules files */
+$rebuild_rules = "off";
+
+/* Post-install Flag -- normally "false" except during post-install of package */
+$is_postinstall = false;
 
 if (!is_array($config['installedpackages']['snortglobal']))
 	$config['installedpackages']['snortglobal'] = array();
@@ -427,9 +456,14 @@ function snort_post_delete_logs($snort_uuid = 0) {
 }
 
 function snort_postinstall() {
-	global $config, $g;
+	global $config, $g, $snort_rules_file, $emerging_threats_version;
+	global $snort_version, $rebuild_rules, $is_postinstall;
 
 	$snortdir = SNORTDIR;
+	$snortlibdir = SNORTLIBDIR;
+
+	/* Set flag for post-install in progress */
+	$is_postinstall = true;
 
 	/* cleanup default files */
 	@rename("{$snortdir}/snort.conf-sample", "{$snortdir}/snort.conf");
@@ -440,25 +474,41 @@ function snort_postinstall() {
 	@rename("{$snortdir}/generators-sample", "{$snortdir}/generators");
 	@rename("{$snortdir}/reference.config-sample", "{$snortdir}/reference.config");
 	@rename("{$snortdir}/gen-msg.map-sample", "{$snortdir}/gen-msg.map");
+
+	/* fix up the preprocessor rules filenames from a PBI package install */
+	$preproc_rules = array("decoder.rules", "preprocessor.rules", "sensitive-data.rules");
+	foreach ($preproc_rules as $file) {
+		if (file_exists("{$snortdir}/preproc_rules/{$file}-sample"))
+			@rename("{$snortdir}/preproc_rules/{$file}-sample", "{$snortdir}/preproc_rules/{$file}");
+	}
+
+	/* Remove any previously installed scripts since we rebuild them */
 	@unlink("{$snortdir}/sid");
 	@unlink("/usr/local/etc/rc.d/snort");
 	@unlink("/usr/local/etc/rc.d/barnyard2");
 
-	/* remove example files */
-	if (file_exists('/usr/local/lib/snort/dynamicrules/lib_sfdynamic_example_rule.so.0'))
-		exec('rm /usr/local/lib/snort/dynamicrules/lib_sfdynamic_example*');
-
-	if (file_exists('/usr/local/lib/snort/dynamicpreprocessor/lib_sfdynamic_preprocessor_example.so'))
-		exec('/bin/rm /usr/local/lib/snort/dynamicpreprocessor/lib_sfdynamic_preprocessor_example*');
+	/* remove example library files */
+	$files = glob("{$snortlibdir}/dynamicrules/*_example*");
+	foreach ($files as $f)
+		@unlink($f);
+	$files = glob("{$snortlibdir}/dynamicpreprocessor/*_example*");
+	foreach ($files as $f)
+		@unlink($f);
 
 	/* remake saved settings */
 	if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
 		update_status(gettext("Saved settings detected..."));
-		update_output_window(gettext("Please wait... rebuilding files..."));
+		update_output_window(gettext("Please wait... rebuilding installation with saved settings..."));
 		@include_once("/usr/local/pkg/snort/snort_check_for_rule_updates.php");
+		update_status(gettext("Generating snort.conf configuration file from saved settings..."));
+		$rebuild_rules = "on";
 		sync_snort_package_config();
-		update_output_window(gettext("Finnished Rebuilding files..."));
+		$rebuild_rules = "off";
+		update_output_window(gettext("Finished rebuilding files..."));
 	}
+
+	/* Done with post-install, so clear flag */
+	$is_postinstall = false;
 }
 
 function snort_Getdirsize($node) {
@@ -693,12 +743,15 @@ function snort_rules_up_install_cron($should_install) {
 
 /* Only run when all ifaces needed to sync. Expects filesystem rw */
 function sync_snort_package_config() {
-	global $config, $g;
+	global $config, $g, $flowbit_rules_file, $snort_enforcing_rules_file;
+	global $snort_version, $rebuild_rules;
+
+	$snortdir = SNORTDIR;
 
 	conf_mount_rw();
 
-	/* do not start config build if rules is empty */
-	if (!is_array($config['installedpackages']['snortglobal']) && !is_array($config['installedpackages']['snortglobal']['rule'])) {
+	/* do not start config build if rules is empty or there are no Snort settings */
+	if (!is_array($config['installedpackages']['snortglobal']) || !is_array($config['installedpackages']['snortglobal']['rule'])) {
 		exec('/bin/rm /usr/local/etc/rc.d/snort.sh');
 		conf_mount_ro();
 		return;
@@ -708,10 +761,10 @@ function sync_snort_package_config() {
 	foreach ($snortconf as $value) {
 		$if_real = snort_get_real_interface($value['interface']);
 
-		/* create snort configuration file */
+		/* create a snort.conf file for interface           */
 		snort_generate_conf($value);
 
-		/* create barnyard2 configuration file */
+		/* create barnyard2.conf file for interface         */
 		if ($value['barnyard_enable'] == 'on')
 			snort_create_barnyard2_conf($value, $if_real);
 	}
@@ -748,7 +801,7 @@ function snort_build_sid_msg_map($rules_path, $sid_file) {
 	/* First check if we were passed a directory, a single file   */
 	/* or an array of filenames to read. Set our $rule_files      */
 	/* variable accordingly. If we can't figure it out, return    */
-	/* an empty rules map array.                                  */
+	/* and don't write a sid_msg_map file.                        */
 	if (is_string($rules_path)) {
 		if (is_dir($rules_path))
 			$rule_files = glob($rules_path . "*.rules");
@@ -1272,11 +1325,13 @@ function snort_write_flowbit_rules_file($flowbit_rules, $rule_file) {
 	/* given.                                       */
 	/************************************************/
 
+	global $flowbit_rules_file;
+
 	/* See if we were passed a directory or full    */
 	/* filename to write the rules to, and adjust   */
 	/* the destination argument accordingly.        */
 	if (is_dir($rule_file))
-		$rule_file = rtrim($rule_file, '/').'/flowbit-required.rules';
+		$rule_file = rtrim($rule_file, '/')."/{$flowbit_rules_file}";
 
 	if (empty($flowbit_rules)) {
 		@file_put_contents($rule_file, "");
@@ -1363,7 +1418,7 @@ function snort_write_enforcing_rules_file($rule_map, $rule_path) {
 
 	global $snort_enforcing_rules_file;
 
-	$rule_file = "/snort.rules";
+	$rule_file = "/{$snort_enforcing_rules_file}";
 
 	/* See if we were passed a directory or full    */
 	/* filename to write the rules to, and adjust   */
@@ -1584,6 +1639,7 @@ case $1 in
 		rc_stop
 		;;
 	restart)
+		rc_stop
 		rc_start
 		;;
 esac
@@ -1642,7 +1698,7 @@ function snort_generate_barnyard2_conf($snortcfg, $if_real) {
 config reference_file:	    {$snortdir}/snort_{$snort_uuid}_{$if_real}/reference.config
 config classification_file: {$snortdir}/snort_{$snort_uuid}_{$if_real}/classification.config
 config gen_file:            {$snortdir}/snort_{$snort_uuid}_{$if_real}/gen-msg.map
-config sid_file:	        {$snortdir}/snort_{$snort_uuid}_{$if_real}/sid-msg.map
+config sid_file:	    {$snortdir}/snort_{$snort_uuid}_{$if_real}/sid-msg.map
 
 config hostname:       $snortbarnyardlog_hostname_info_chk
 config interface:      {$if_real}
@@ -1671,12 +1727,13 @@ EOD;
 }
 
 function snort_deinstall() {
-	global $config, $g;
+
+	global $config, $g, $snort_rules_upd_log;
 
 	$snortdir = SNORTDIR;
-	$snortlogdir = SNORTLOGDIR;
+	$snortlibdir = SNORTLIBDIR;
 
-	/* decrease bpf buffers back to 4096, from 20480 */
+	/* Make sure all active Snort processes are terminated */
 	mwexec('/usr/bin/killall snort', true);
 	sleep(2);
 	mwexec('/usr/bin/killall -9 snort', true);
@@ -1685,9 +1742,11 @@ function snort_deinstall() {
 	sleep(2);
 	mwexec('/usr/bin/killall -9 barnyard2', true);
 	sleep(2);
+
+	/* Remove the snort user and group */
 	mwexec('/usr/sbin/pw userdel snort; /usr/sbin/pw groupdel snort', true);
 
-	/* Remove snort cron entries Ugly code needs smoothness*/
+	/* Remove snort cron entries Ugly code needs smoothness */
 	if (!function_exists('snort_deinstall_cron')) {
 		function snort_deinstall_cron($crontask) {
 			global $config, $g;
@@ -1709,22 +1768,49 @@ function snort_deinstall() {
 		}
 	}
 
-	mwexec("/bin/rm {$snortdir}/*.md5; /bin/rm -r {$snortdir}/snort_*");
+	/* Remove all the Snort cron jobs. */
 	snort_deinstall_cron("snort2c");
 	snort_deinstall_cron("snort_check_for_rule_updates.php");
 	snort_deinstall_cron("snort_check_cron_misc.inc");
 	configure_cron();
 
+	/**********************************************************/
+	/* Test for existence of library backup tarballs in /tmp. */
+	/* If these are present, then a package "delete"          */
+	/* operation is in progress and we need to wipe out the   */
+	/* configuration files.  Otherwise we leave the binary-   */
+	/* side configuration intact since only a GUI files       */
+	/* deinstall and reinstall operation is in progress.      */
+	/*							  */
+	/* XXX: hopefully a better method presents itself in      */
+	/*      future versions of pfSense.                       */
+	/**********************************************************/
+	if (file_exists("/tmp/pkg_libs.tgz") || file_exists("/tmp/pkg_bins.tgz")) {
+		mwexec("/bin/rm -rf {$snortdir}");
+		mwexec("/bin/rm -rf {$snortlibdir}/dynamicrules");
+	}
+
 	/* Keep this as a last step */
-	if ($config['installedpackages']['snortglobal']['forcekeepsettings'] != 'on')
+	if ($config['installedpackages']['snortglobal']['forcekeepsettings'] != 'on') {
 		unset($config['installedpackages']['snortglobal']);
+		@unlink("{$snort_rules_upd_log}");
+	}
 }
 
 function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
-	global $snort_enforcing_rules_file, $flowbit_rules_file;
+
+	global $snort_enforcing_rules_file, $flowbit_rules_file, $rebuild_rules;
 
 	$snortdir = SNORTDIR;
 
+	/* If there is no reason to rebuild the rules, exit to save time. */
+	if ($rebuild_rules == "off")
+		return;
+
+	/* Log a message for rules rebuild in progress */
+	log_error(gettext("Updating rules configuration for: " . snort_get_friendly_interface($snortcfg['interface']) . " ..."));
+
+	/* Only rebuild rules if some are selected or an IPS Policy is enabled  */
 	if (!empty($snortcfg['rulesets']) || $snortcfg['ips_policy_enable'] == 'on') {
 		$enabled_rules = array();
 		$enabled_files = array();
@@ -1741,16 +1827,6 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
 			$enabled_rules = snort_load_rules_map($enabled_files);
 		}
 
-		/* Remove any existing rules files (except custom rules) prior to building a new set. */
-		foreach (glob("{$snortcfgdir}/rules/*.rules") as $file) {
-			$tmpfile = basename($file);
-			if (in_array("{$snortdir}/rules/{$tmpfile}", $enabled_files))
-				continue;
-			if ($tmpfile != "custom.rules" && $tmpfile != $flowbit_rules_file &&
-				$tmpfile != $snort_enforcing_rules_file)
-				@unlink($file);
-		}
-
 		/* Check if a pre-defined Snort VRT policy is selected. If so, */
 		/* add all the VRT policy rules to our enforcing rule set.     */
 		if (!empty($snortcfg['ips_policy'])) {
@@ -1773,9 +1849,12 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
 		/* Process any enablesid or disablesid modifications for the selected rules. */
 		snort_modify_sids($enabled_rules, $snortcfg);
 
-		/* Check for and disable any rules dependent upon disabled preprocessors. */
-		log_error('Checking for and disabling any rules dependent upon disabled preprocessors for ' . snort_get_friendly_interface($snortcfg['interface']) . '...');
-		snort_filter_preproc_rules($snortcfg, $enabled_rules);
+		/* Check for and disable any rules dependent upon disabled preprocessors if  */
+		/* this option is enabled for the interface.                                 */
+		if ($snortcfg['preproc_auto_rule_disable'] == "on") {
+			log_error('Auto-disabling rules dependent on disabled preprocessors for ' . snort_get_friendly_interface($snortcfg['interface']) . '...');
+			snort_filter_preproc_rules($snortcfg, $enabled_rules);
+		}
 
 		/* Write the enforcing rules file to the Snort interface's "rules" directory. */
 		snort_write_enforcing_rules_file($enabled_rules, "{$snortcfgdir}/rules/{$snort_enforcing_rules_file}");
@@ -1783,9 +1862,19 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
 
 		/* If auto-flowbit resolution is enabled, generate the dependent flowbits rules file. */
 		if ($snortcfg['autoflowbitrules'] == 'on') {
-			log_error('Resolving and auto-enabling flowbit required rules for ' . snort_get_friendly_interface($snortcfg['interface']) . '...');
+			log_error('Resolving and auto-enabling any flowbit-required rules for ' . snort_get_friendly_interface($snortcfg['interface']) . '...');
 			$enabled_files[] = "{$snortcfgdir}/rules/{$snort_enforcing_rules_file}";
-			snort_write_flowbit_rules_file(snort_resolve_flowbits($enabled_files), "{$snortcfgdir}/rules/{$flowbit_rules_file}");
+			$fbits = snort_resolve_flowbits($enabled_files);
+
+			/* Check for and disable any flowbit-required rules dependent upon     */
+			/* disabled preprocessors if this option is enabled for the interface. */
+			if ($snortcfg['preproc_auto_rule_disable'] == "on") {
+				log_error('Auto-disabling flowbit-required rules dependent on disabled preprocessors for ' . snort_get_friendly_interface($snortcfg['interface']) . '...');
+				snort_filter_preproc_rules($snortcfg, $fbits, true);
+			}
+			snort_filter_preproc_rules($snortcfg, $fbits, true);
+			snort_write_flowbit_rules_file($fbits, "{$snortcfgdir}/rules/{$flowbit_rules_file}");
+			unset($fbits);
 		} else
 			/* Just put an empty file to always have the file present */
 			snort_write_flowbit_rules_file(array(), "{$snortcfgdir}/rules/{$flowbit_rules_file}");
@@ -1803,10 +1892,11 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
 
 	/* Build a new sid-msg.map file from the enabled */
 	/* rules and copy it to the interface directory. */
+	log_error(gettext("Building new sig-msg.map file for " . snort_get_friendly_interface($snortcfg['interface']) . "..."));
 	snort_build_sid_msg_map("{$snortcfgdir}/rules/", "{$snortcfgdir}/sid-msg.map");
 }
 
-function snort_filter_preproc_rules($snortcfg, &$active_rules) {
+function snort_filter_preproc_rules($snortcfg, &$active_rules, $persist_log = false) {
 
 	/**************************************************/
 	/* This function checks the $active_rules array   */
@@ -1819,11 +1909,22 @@ function snort_filter_preproc_rules($snortcfg, &$active_rules) {
 	/*                  the interface                 */
 	/* $active_rules -> rules_map array of enabled    */
 	/*                  rules for the interface       */
+	/*						  */
+	/* NOTE: This feature must be enabled in the GUI  */
+	/*       by the user.  Use of this feature can    */
+	/*       severely degrade Snort's ability to      */
+	/*       detect threats by disabling potentially  */
+	/*       crucial detection rules.                 */
 	/**************************************************/
 
 	global $config;
 
-	if (empty($active_rules))
+	$snortlogdir = SNORTLOGDIR;
+	$disabled_count = 0;
+	$log_msg = array();
+
+	/* Check if no rules or if this option is disabled */
+	if (empty($active_rules) || $snortcfg['preproc_auto_rule_disable'] <> 'on')
 		return;
 
 	/***************************************************
@@ -1833,8 +1934,20 @@ function snort_filter_preproc_rules($snortcfg, &$active_rules) {
 	 * IMPORTANT -- Keep this part of the code current *
 	 * with changes to preprocessor rule options in    *
 	 * Snort VRT rules.                                *
+	 *                                                 *
+	 *                                                 *
+	 * Format of array is:                             *
+	 *    "rule_option" => "dependent_preprocessor"    *
+	 *                                                 *
+	 * Last Update: 04/05/2013                         *
+	 *                                                 *
+	 * Added: http_inspect content modifiers and       *
+	 *        various "service" metadata values.       *
+	 *                                                 *
 	 ***************************************************/
 	$rule_opts_preprocs = array("ssl_version:" => "ssl_preproc","ssl_state:" => "ssl_preproc",
+				    "service ssl" => "ssl_preproc", "service ftp" => "ftp_preprocessor",
+				    "service telnet" => "ftp_preprocessor", "service dns" => "dns_preprocessor",
 		 		    "dce_iface:" => "dce_rpc_2", "dce_opnum:" => "dce_rpc_2",
 				    "dce_stub_data;" => "dce_rpc_2", "sd_pattern:" => "sensitive_data",
 				    "sip_method:" => "sip_preproc", "sip_stat_code:" => "sip_preproc",
@@ -1843,7 +1956,16 @@ function snort_filter_preproc_rules($snortcfg, &$active_rules) {
 				    "gtp_version:" => "gtp_preproc", "modbus_func:" => "modbus_preproc",
 				    "modbus_unit:" => "modbus_preproc", "modbus_data;" => "modbus_preproc",
 				    "dnp3_func:" => "dnp3_preproc", "dnp3_obj:" => "dnp3_preproc",
-				    "dnp3_ind:" => "dnp3_preproc", "dnp3_data;" => "dnp3_preproc");
+				    "dnp3_ind:" => "dnp3_preproc", "dnp3_data;" => "dnp3_preproc",
+				    "http_client_body;" => "http_inspect", "http_cookie;" => "http_inspect",
+				    "http_raw_cookie;" => "http_inspect", "http_header;" => "http_inspect",
+				    "http_raw_header;" => "http_inspect", "http_method;" => "http_inspect",
+				    "http_uri;" => "http_inspect", "http_raw_uri;" => "http_inspect",
+				    "http_stat_code;" => "http_inspect", "http_stat_msg;" => "http_inspect",
+				    "uricontent:" => "http_inspect", "urilen:" => "http_inspect",
+				    "http_encode;" => "http_inspect", "service http" => "http_inspect",
+				    "service imap" => "imap_preproc", "service pop2" => "pop_preproc",
+				    "service pop3" => "pop_preproc", "service smtp" => "smtp_preprocessor");
 
 	/***************************************************
 	 * Iterate the enabled rules, and check for rule   *
@@ -1855,32 +1977,94 @@ function snort_filter_preproc_rules($snortcfg, &$active_rules) {
 	 ***************************************************/
 	foreach ($active_rules as $k1 => $rulem) {
 		foreach ($rulem as $k2 => $v) {
+
 			/* If rule is already disabled, skip it. */
 			if ($v['disabled'] == 1)
 				continue;
+
 			foreach ($rule_opts_preprocs as $opt => $preproc) {
-				$pcre = "/\s*\b" . $opt . "/i";
+				$pcre = "/\s*\b" . preg_quote($opt) . "/i";
 				if (($snortcfg[$preproc] != 'on') && preg_match($pcre, $v['rule'])) {
 					$active_rules[$k1][$k2]['rule'] = "# " . $v['rule'];
 					$active_rules[$k1][$k2]['disabled'] = 1;
+					$disabled_count++;
+
+					/* Accumulate auto-disabled rules for logging */
+					$tmp = $active_rules[$k1][$k2]['category'] . "  ";
+					$tmp .= "{$k1}:{$k2}  Preproc: {$preproc}  Param: {$opt}";
+					$log_msg[] = $tmp;
 					break;
 				}
 			}
 		}
 	}
+
+	/***************************************************************/
+	/* If we are persisting the log from the last pass, then open  */
+	/* the log file in append mode.  Otherwise open in overwrite   */
+	/* to clear the log in case we have zero disabled rules.       */
+	/*							       */
+	/* Typically "persist log" mode is used on the second pass     */
+	/* when flowbit-required rules are being assessed after the    */
+	/* primary enforcing rules have been evaluated.                */
+	/***************************************************************/
+	$iface = snort_get_friendly_interface($snortcfg['interface']);
+	$file = "{$snortlogdir}/{$iface}_disabled_preproc_rules.log";
+	if ($persist_log)
+		$fp = fopen($file, 'a');
+	else
+		$fp = fopen($file, 'w');
+
+	/***************************************************/
+	/* Log a warning if we auto-disabled any rules     */
+	/* just so the user is aware protection is less    */
+	/* than optimal with the preprocessors disabled.   */
+	/***************************************************/
+	if ($disabled_count > 0) {
+		log_error(gettext("Warning:  auto-disabled {$disabled_count} rules due to disabled preprocessor dependencies."));
+		natcasesort($log_msg);
+		if ($fp) {
+			/* Only write the header when not persisting the log */
+			if (!$persist_log) {
+				@fwrite($fp, "#\n# Run Time: " . date("Y-m-d H:i:s") . "\n#\n");
+				@fwrite($fp, "#\n# These rules were auto-disabled because they contain options or operators\n");
+				@fwrite($fp, "# dependent on preprocessors that are currently NOT ENABLED on the Preprocessors\n");
+				@fwrite($fp, "# tab.  Without these dependent preprocessors enabled, Snort would fail to start\n");
+				@fwrite($fp, "# if the rules listed below were enabled.  Therefore the listed rules have been\n");
+				@fwrite($fp, "# automatically disabled.  This behavior is controlled by the Auto-Rule Disable\n");
+				@fwrite($fp, "# feature on the Preprocessors tab.\n#\n");
+				@fwrite($fp, "# WARNING: Using the auto-disable rule feature is not recommended because it can\n");
+				@fwrite($fp, "# significantly reduce the threat detection capabilities of Snort!\n#\n");
+				@fwrite($fp, "# Log Format is: RULE CATEGORY    GID:SID   PREPROC   METADATA/CONTENT PARAMETER\n#\n");
+			}
+			foreach ($log_msg as $m) {
+				@fwrite($fp, $m . "\n");
+			}
+		}
+		log_error(gettext("See '{$file}' for list of auto-disabled rules."));
+		unset($log_msg);
+	}
+	if ($fp)
+		fclose($fp);
 }
 
 function snort_generate_conf($snortcfg) {
-	global $config, $g;
+
+	global $config, $g, $flowbit_rules_file, $snort_enforcing_rules_file, $rebuild_rules;
 
 	$snortdir = SNORTDIR;
+	$snortlibdir = SNORTLIBDIR;
 	$snortlogdir = SNORTLOGDIR;
-	$flowbit_rules_file = "flowbit-required.rules";
-	$snort_enforcing_rules_file = "snort.rules";
 
 	if (!is_array($config['installedpackages']['snortglobal']['rule']))
 		return;
 
+	/* See if we should protect and not modify the preprocessor rules files */
+	if (!empty($snortcfg['protect_preproc_rules'])) 	
+		$protect_preproc_rules = $snortcfg['protect_preproc_rules'];
+	else
+		$protect_preproc_rules = "off";
+
 	$if_real = snort_get_real_interface($snortcfg['interface']);
 	$snort_uuid = $snortcfg['uuid'];
 	$snortcfgdir = "{$snortdir}/snort_{$snort_uuid}_{$if_real}";
@@ -1903,8 +2087,8 @@ function snort_generate_conf($snortcfg) {
 		"{$snortlogdir}/snort_{$if_real}{$snort_uuid}",
 		"{$snortlogdir}/snort_{$if_real}{$snort_uuid}/barnyard2", 
 		"{$snortcfgdir}/preproc_rules", 
-		"dynamicrules" => "/usr/local/lib/snort/dynamicrules",
-		"dynamicengine" => "/usr/local/lib/snort/dynamicengine",
+		"dynamicrules" => "{$snortlibdir}/dynamicrules",
+		"dynamicengine" => "{$snortlibdir}/dynamicengine",
 		"dynamicpreprocessor" => "{$snortcfgdir}/dynamicpreprocessor"
 	    );
 	foreach ($snort_dirs as $dir) {
@@ -1912,13 +2096,24 @@ function snort_generate_conf($snortcfg) {
 			safe_mkdir($dir);
 	}
 
+	/********************************************************************/
+	/* For fail-safe on an initial startup following installation, and  */
+	/* before a rules update has occurred, copy the default config      */
+	/* files to the interface directory.  If files already exist in     */
+	/* the interface directory, or they are newer, that means a rule    */
+	/* update has been done and we should leave the customized files    */
+	/* put in place by the rules update process.                        */
+	/********************************************************************/
 	$snort_files = array("gen-msg.map", "classification.config", "reference.config",
 			"sid-msg.map", "unicode.map", "threshold.conf", "preproc_rules/preprocessor.rules",
 			"preproc_rules/decoder.rules", "preproc_rules/sensitive-data.rules"
 		);
 	foreach ($snort_files as $file) {
-		if (file_exists("{$snortdir}/{$file}"))
-			@copy("{$snortdir}/{$file}", "{$snortcfgdir}/{$file}");
+		if (file_exists("{$snortdir}/{$file}")) {
+			$ftime = filemtime("{$snortdir}/{$file}");
+			if (!file_exists("{$snortcfgdir}/{$file}") || ($ftime > filemtime("{$snortcfgdir}/{$file}")))
+				@copy("{$snortdir}/{$file}", "{$snortcfgdir}/{$file}");
+		}
 	}
 
 	/* define alertsystemlog */
@@ -2012,7 +2207,7 @@ EOD;
 	if ((!empty($snortcfg['client_flow_depth'])) || ($snortcfg['client_flow_depth'] == '0'))
 		$def_client_flow_depth_type = $snortcfg['client_flow_depth'];
 
-	if ($snortcfg['noalert_http_inspect'] == 'on')
+	if ($snortcfg['noalert_http_inspect'] == 'on' || empty($snortcfg['noalert_http_inspect']))
 		$noalert_http_inspect = "no_alerts ";
 	else
 		$noalert_http_inspect = "";
@@ -2257,6 +2452,16 @@ EOD;
 	if (!empty($snortcfg['stream5_mem_cap']))
 		$def_stream5_mem_cap = ", memcap {$snortcfg['stream5_mem_cap']}";
 
+	/* Default the HTTP_INSPECT preprocessor to "on" if not set.  */
+	/* The preprocessor is required by hundreds of Snort rules,   */
+	/* and without it Snort may not start and/or the number of    */
+	/* rules required to be disabled reduces Snort's capability.  */
+	/* Alerts from the HTTP_INSPECT preprocessor default to "off" */
+	/* unless a specific value has been set by the user.          */
+	/**************************************************************/
+	if (empty($snortcfg['http_inspect']))
+		$snortcfg['http_inspect'] = 'on';
+
 	/* define servers and ports snortdefservers */
 	$snort_servers = array (
 		"dns_servers" => "\$HOME_NET", "smtp_servers" => "\$HOME_NET", "http_servers" => "\$HOME_NET",
@@ -2295,8 +2500,8 @@ EOD;
 			if (!empty($snort_preproc_libs[$preproc])) {
 				$preproclib = "libsf_" . $snort_preproc_libs[$preproc];
 				if (!file_exists($snort_dirs['dynamicpreprocessor'] . "{$preproclib}.so")) {
-					if (file_exists("/usr/local/lib/snort/dynamicpreprocessor/{$preproclib}.so")) {
-						@copy("/usr/local/lib/snort/dynamicpreprocessor/{$preproclib}.so", "{$snort_dirs['dynamicpreprocessor']}/{$preproclib}.so");
+					if (file_exists("{$snortlibdir}/dynamicpreprocessor/{$preproclib}.so")) {
+						@copy("{$snortlibdir}/dynamicpreprocessor/{$preproclib}.so", "{$snort_dirs['dynamicpreprocessor']}/{$preproclib}.so");
 						$snort_preprocessors .= $$preproc;
 						$snort_preprocessors .= "\n";
 					} else
@@ -2318,22 +2523,26 @@ EOD;
 	if (file_exists("{$snortcfgdir}/classification.config"))
 		$snort_misc_include_rules .= "include {$snortcfgdir}/classification.config\n";
 	if (is_dir("{$snortcfgdir}/preproc_rules")) {
-		if ($snortcfg['sensitive_data'] == 'on') {
+		if ($snortcfg['sensitive_data'] == 'on' && $protect_preproc_rules == "off") {
 			$sedcmd = '/^#alert.*classtype:sdf/s/^#//';
 			if (file_exists("{$snortcfgdir}/preproc_rules/sensitive-data.rules"))
 				$snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/sensitive-data.rules\n";
 		} else
 			$sedcmd = '/^alert.*classtype:sdf/s/^/#/';
 		if (file_exists("{$snortcfgdir}/preproc_rules/decoder.rules") &&
-		    file_exists("{$snortcfgdir}/preproc_rules/preprocessor.rules")) {
+		    file_exists("{$snortcfgdir}/preproc_rules/preprocessor.rules") && $protect_preproc_rules == "off") {
 			@file_put_contents("{$g['tmp_path']}/sedcmd", $sedcmd);
 			mwexec("/usr/bin/sed -I '' -f {$g['tmp_path']}/sedcmd {$snortcfgdir}/preproc_rules/preprocessor.rules");
 			mwexec("/usr/bin/sed -I '' -f {$g['tmp_path']}/sedcmd {$snortcfgdir}/preproc_rules/decoder.rules");
 			@unlink("{$g['tmp_path']}/sedcmd");
-
 			$snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/decoder.rules\n";
 			$snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/preprocessor.rules\n";
-		} else {
+		} else if (file_exists("{$snortcfgdir}/preproc_rules/decoder.rules") &&
+			   file_exists("{$snortcfgdir}/preproc_rules/preprocessor.rules") && $protect_preproc_rules == "on") {
+			$snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/decoder.rules\n";
+			$snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/preprocessor.rules\n";
+		}
+		else {
 			$snort_misc_include_rules .= "config autogenerate_preprocessor_decoder_rules\n";
 			log_error("Seems preprocessor/decoder rules are missing, enabling autogeneration of them");
 		}
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index b18e66e1..fff8d251 100755
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -46,8 +46,8 @@
 	<requirements>Describe your package requirements here</requirements>
 	<faq>Currently there are no FAQ items provided.</faq>
 	<name>Snort</name>
-	<version>2.9.2.3</version>
-	<title>Services:2.9.2.3 pkg v. 2.5.3</title>
+	<version>2.9.4.1</version>
+	<title>Services:2.9.4.1 pkg v. 2.5.5</title>
 	<include_file>/usr/local/pkg/snort/snort.inc</include_file>
 	<menu>
 		<name>Snort</name>
@@ -163,6 +163,11 @@
 		<chmod>077</chmod>
 		<item>http://www.pfsense.com/packages/config/snort/snort_interfaces_suppress_edit.php</item>
 	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/www/snort/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort/snort_log_view.php</item>
+	</additional_files_needed>
 	<fields>
 	</fields>
 	<custom_add_php_command>
@@ -177,3 +182,4 @@
 		snort_deinstall();
 	</custom_php_deinstall_command>
 </packagegui>
+
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index af5d378c..740dc591 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -31,54 +31,72 @@
 
 require_once("functions.inc");
 require_once("service-utils.inc");
-require_once("/usr/local/pkg/snort/snort.inc");
+require_once "/usr/local/pkg/snort/snort.inc";
 
-global $snort_gui_include;
+global $snort_gui_include, $vrt_enabled, $et_enabled, $rebuild_rules, $snort_rules_upd_log;
+global $protect_preproc_rules, $is_postinstall, $snort_community_rules_filename;
+global $snort_community_rules_url, $snort_rules_file, $emergingthreats_filename;
 
 $snortdir = SNORTDIR;
+$snortlibdir = SNORTLIBDIR;
+$snortlogdir = SNORTLOGDIR;
 
 if (!isset($snort_gui_include))
 	$pkg_interface = "console";
 
-$tmpfname = "{$snortdir}/tmp/snort_rules_up";
-$snort_filename_md5 = "{$snort_rules_file}.md5";
-$snort_filename = "{$snort_rules_file}";
-$emergingthreats_filename_md5 = "emerging.rules.tar.gz.md5";
-$emergingthreats_filename = "emerging.rules.tar.gz";
-
 /* define checks */
 $oinkid = $config['installedpackages']['snortglobal']['oinkmastercode'];
 $snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
 $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
+$snortcommunityrules = $config['installedpackages']['snortglobal']['snortcommunityrules'];
 $vrt_enabled = $config['installedpackages']['snortglobal']['snortdownload'];
 $et_enabled = $config['installedpackages']['snortglobal']['emergingthreats'];
 
-/* Start of code */
-conf_mount_rw();
+/* Directory where we download rule tarballs */
+$tmpfname = "{$snortdir}/tmp/snort_rules_up";
+
+/* Snort VRT rules files and URL */
+$snort_filename_md5 = "{$snort_rules_file}.md5";
+$snort_filename = "{$snort_rules_file}";
+$snort_rule_url = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/";
 
-if (!is_dir($tmpfname))
-	exec("/bin/mkdir -p {$tmpfname}");
+/* Emerging Threats rules MD5 file */
+$emergingthreats_filename_md5 = "{$emergingthreats_filename}.md5";
 
-/* Set user agent to Mozilla */
-ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
-ini_set("memory_limit","150M");
+/* Snort GPLv2 Community Rules MD5 file */
+$snort_community_rules_filename_md5 = "{$snort_community_rules_filename}.md5";
+
+/* Start of code */
+conf_mount_rw();
 
 /*  remove old $tmpfname files */
 if (is_dir("{$tmpfname}"))
 	exec("/bin/rm -r {$tmpfname}");
 
-/*  Make sure snortdir exits */
+/*  Make sure required snortdirs exsist */
 exec("/bin/mkdir -p {$snortdir}/rules");
 exec("/bin/mkdir -p {$snortdir}/signatures");
+exec("/bin/mkdir -p {$snortdir}/preproc_rules");
 exec("/bin/mkdir -p {$tmpfname}");
-exec("/bin/mkdir -p /usr/local/lib/snort/dynamicrules");
+exec("/bin/mkdir -p {$snortlibdir}/dynamicrules");
+exec("/bin/mkdir -p {$snortlogdir}");
+
+/* See if we need to automatically clear the Update Log based on 1024K size limit */
+if (file_exists($snort_rules_upd_log)) {
+	if (1048576 < filesize($snort_rules_upd_log))
+		exec("/bin/rm -r {$snort_rules_upd_log}");
+}
+
+/* Log start time for this rules update */
+error_log(gettext("Starting rules update...  Time: " . date("Y-m-d H:i:s") . "\n"), 3, $snort_rules_upd_log);
 
 /*  download md5 sig from snort.org */
 if ($snortdownload == 'on') {
-	update_status(gettext("Downloading snort.org md5 file..."));
+	update_status(gettext("Downloading Snort VRT md5 file..."));
+	error_log(gettext("\tDownloading Snort VRT md5 file...\n"), 3, $snort_rules_upd_log);
         $max_tries = 4;
         while ($max_tries > 0) {
-	       $image = @file_get_contents("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename_md5}");
+	       $image = @file_get_contents("{$snort_rule_url}{$snort_filename_md5}");
                if (false === $image) {
                        $max_tries--;
                        if ($max_tries > 0)
@@ -88,14 +106,16 @@ if ($snortdownload == 'on') {
                        break;
         }
         log_error("Snort MD5 Attempts: " . (4 - $max_tries + 1));
+        error_log("\tChecking Snort VRT md5 file...\n", 3, $snort_rules_upd_log);
 	@file_put_contents("{$tmpfname}/{$snort_filename_md5}", $image);
 	if (0 == filesize("{$tmpfname}/{$snort_filename_md5}")) {
 		update_status(gettext("Please wait... You may only check for New Rules every 15 minutes..."));
 		log_error(gettext("Please wait... You may only check for New Rules every 15 minutes..."));
 		update_output_window(gettext("Rules are released every month from snort.org. You may download the Rules at any time."));
 		$snortdownload = 'off';
+		error_log(gettext("\tSnort VRT md5 download failed.  Site may be offline or Oinkcode is not authorized for this level or version.\n"), 3, $snort_rules_upd_log);
 	} else
-		update_status(gettext("Done downloading snort.org md5"));
+		update_status(gettext("Done downloading snort.org md5."));
 }
 
 /* Check if were up to date snort.org */
@@ -104,8 +124,9 @@ if ($snortdownload == 'on') {
 		$md5_check_new = file_get_contents("{$tmpfname}/{$snort_filename_md5}");
 		$md5_check_old = file_get_contents("{$snortdir}/{$snort_filename_md5}");
 		if ($md5_check_new == $md5_check_old) {
-			update_status(gettext("Snort rules are up to date..."));
-			log_error("Snort rules are up to date...");
+			update_status(gettext("Snort VRT rules are up to date..."));
+			log_error(gettext("Snort VRT rules are up to date..."));
+			error_log(gettext("\tSnort VRT rules are up to date.\n"), 3, $snort_rules_upd_log);
 			$snortdownload = 'off';
 		}
 	}
@@ -113,11 +134,12 @@ if ($snortdownload == 'on') {
 
 /* download snortrules file */
 if ($snortdownload == 'on') {
-	update_status(gettext("There is a new set of Snort.org rules posted. Downloading..."));
-	log_error(gettext("There is a new set of Snort.org rules posted. Downloading..."));
+	update_status(gettext("There is a new set of Snort VRT rules posted. Downloading..."));
+	log_error(gettext("There is a new set of Snort VRT rules posted. Downloading..."));
+	error_log(gettext("\tThere is a new set of Snort VRT rules posted. Downloading...\n"), 3, $snort_rules_upd_log);
         $max_tries = 4;
         while ($max_tries > 0) {
-        	download_file_with_progress_bar("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", "{$tmpfname}/{$snort_filename}");
+        	download_file_with_progress_bar("{$snort_rule_url}{$snort_filename}", "{$tmpfname}/{$snort_filename}");
         	if (300000 > filesize("{$tmpfname}/$snort_filename")){
                         $max_tries--;
                         if ($max_tries > 0)
@@ -126,19 +148,104 @@ if ($snortdownload == 'on') {
                 } else
                         break;
         }  
-	update_status(gettext("Done downloading rules file."));
+	update_status(gettext("Done downloading Snort VRT rules file."));
         log_error("Snort Rules Attempts: " . (4 - $max_tries + 1));
+	error_log(gettext("\tDone downloading rules file.\n"),3, $snort_rules_upd_log);
 	if (300000 > filesize("{$tmpfname}/$snort_filename")){
-		update_output_window(gettext("Snort rules file download failed..."));
-		log_error(gettext("Snort rules file download failed..."));
+		update_output_window(gettext("Snort VRT rules file download failed..."));
+		log_error(gettext("Snort VRT rules file download failed..."));
                 log_error("Failed Rules Filesize: " . filesize("{$tmpfname}/$snort_filename"));
+		error_log(gettext("\tSnort VRT rules file download failed.  Snort VRT rules will not be updated.\n"), 3, $snort_rules_upd_log);
 		$snortdownload = 'off';
 	}
 }
 
+/*  download md5 sig from Snort GPLv2 Community Rules */
+if ($snortcommunityrules == 'on') {
+	update_status(gettext("Downloading Snort GPLv2 Community Rules md5 file..."));
+	error_log(gettext("\tDownloading Snort GPLv2 Community Rules md5 file...\n"), 3, $snort_rules_upd_log);
+        $image = file_get_contents("{$snort_community_rules_url}{$snort_community_rules_filename_md5}");
+	update_status(gettext("Done downloading Snort GPLv2 Community Rules md5"));
+	error_log(gettext("\tChecking Snort GPLv2 Community Rules md5.\n"), 3, $snort_rules_upd_log);
+	@file_put_contents("{$tmpfname}/{$snort_community_rules_filename_md5}", $image);
+
+	/* See if the file download was successful, and turn off Snort GPLv2 update if it failed. */
+	if (0 == filesize("{$tmpfname}/{$snort_community_rules_filename_md5}")){
+		update_output_window(gettext("Snort GPLv2 Community Rules md5 file download failed.  Community Rules will not be updated."));
+		log_error(gettext("Snort GPLv2 Community Rules md5 file download failed.  Community Rules will not be updated."));
+		error_log(gettext("\tSnort GPLv2 Community Rules md5 file download failed.  Community Rules will not be updated.\n"), 3, $snort_rules_upd_log);
+		$snortcommunityrules = 'off';
+	}
+
+	if (file_exists("{$snortdir}/{$snort_community_rules_filename_md5}") && $snortcommunityrules == "on") {
+		/* Check if were up to date Snort GPLv2 Community Rules */
+		$snort_comm_md5_check_new = file_get_contents("{$tmpfname}/{$snort_community_rules_filename_md5}");
+		$snort_comm_md5_check_old = file_get_contents("{$snortdir}/{$snort_community_rules_filename_md5}");
+		if ($snort_comm_md5_check_new == $snort_comm_md5_check_old) {
+			update_status(gettext("Snort GPLv2 Community Rules are up to date..."));
+			log_error(gettext("Snort GPLv2 Community Rules are up to date..."));
+			error_log(gettext("\tSnort GPLv2 Community Rules are up to date.\n"), 3, $snort_rules_upd_log);
+			$snortcommunityrules = 'off';
+		}
+	}
+}
+
+/* download Snort GPLv2 Community rules file */
+if ($snortcommunityrules == "on") {
+	update_status(gettext("There is a new set of Snort GPLv2 Community Rules posted. Downloading..."));
+	log_error(gettext("There is a new set of Snort GPLv2 Community Rules posted. Downloading..."));
+	error_log(gettext("\tThere is a new set of Snort GPLv2 Community Rules posted. Downloading...\n"), 3, $snort_rules_upd_log);
+	download_file_with_progress_bar("{$snort_community_rules_url}{$snort_community_rules_filename}", "{$tmpfname}/{$snort_community_rules_filename}");
+
+	/* Test for a valid rules file download.  Turn off Snort Community update if download failed. */
+	if (150000 > filesize("{$tmpfname}/{$snort_community_rules_filename}")){
+		update_output_window(gettext("Snort GPLv2 Community Rules file download failed..."));
+		log_error(gettext("Snort GPLv2 Community Rules file download failed..."));
+                log_error("Failed Rules Filesize: " . filesize("{$tmpfname}/{$snort_community_rules_filename}"));
+		error_log(gettext("\tSnort GPLv2 Community Rules file download failed.  Community Rules will not be updated.\n"), 3, $snort_rules_upd_log);
+		$snortcommunityrules = 'off';
+	}
+	else {
+		update_status(gettext('Done downloading Snort GPLv2 Community Rules file.'));
+		log_error("Snort GPLv2 Community Rules file update downloaded succsesfully");
+		error_log(gettext("\tDone downloading Snort GPLv2 Community Rules file.\n"), 3, $snort_rules_upd_log);
+	}
+}
+
+/* Untar Snort GPLv2 Community rules to tmp */
+if ($snortcommunityrules == 'on') {
+	safe_mkdir("{$snortdir}/tmp/community");
+	if (file_exists("{$tmpfname}/{$snort_community_rules_filename}")) {
+		update_status(gettext("Extracting Snort GPLv2 Community Rules..."));
+		error_log(gettext("\tExtracting and installing Snort GPLv2 Community Rules...\n"), 3, $snort_rules_upd_log);
+		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_community_rules_filename} -C {$snortdir}/tmp/community/");
+
+		$files = glob("{$snortdir}/tmp/community/community-rules/*.rules");
+		foreach ($files as $file) {
+			$newfile = basename($file);
+			@copy($file, "{$snortdir}/rules/GPLv2_{$newfile}");
+		}
+                /* base etc files for Snort GPLv2 Community rules */
+		foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
+			if (file_exists("{$snortdir}/tmp/community/community-rules/{$file}"))
+				@copy("{$snortdir}/tmp/community/community-rules/{$file}", "{$snortdir}/tmp/GPLv2_{$file}");
+		}
+
+		/*  Copy snort community md5 sig to snort dir */
+		if (file_exists("{$tmpfname}/{$snort_community_rules_filename_md5}")) {
+			update_status(gettext("Copying md5 signature to snort directory..."));
+			@copy("{$tmpfname}/$snort_community_rules_filename_md5", "{$snortdir}/{$snort_community_rules_filename_md5}");
+		}
+                update_status(gettext("Extraction of Snort GPLv2 Community Rules completed..."));
+		error_log(gettext("\tInstallation of Snort GPLv2 Community Rules completed.\n"), 3, $snort_rules_upd_log);
+		exec("rm -r {$snortdir}/tmp/community");
+	}
+}
+
 /*  download md5 sig from emergingthreats.net */
 if ($emergingthreats == 'on') {
-	update_status(gettext("Downloading emergingthreats md5 file..."));
+	update_status(gettext("Downloading EmergingThreats md5 file..."));
+	error_log(gettext("\tDownloading EmergingThreats md5 file...\n"), 3, $snort_rules_upd_log);
 
 	/* If using Sourcefire VRT rules with ET, then we should use the open-nogpl ET rules.  */
 	if ($vrt_enabled == "on")
@@ -146,17 +253,26 @@ if ($emergingthreats == 'on') {
 	else
 	        $image = @file_get_contents("http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz.md5");
 
-	/* XXX: error checking */
+	update_status(gettext("Done downloading EmergingThreats md5"));
+	error_log(gettext("\tChecking EmergingThreats md5.\n"), 3, $snort_rules_upd_log);
 	@file_put_contents("{$tmpfname}/{$emergingthreats_filename_md5}", $image);
-	update_status(gettext("Done downloading emergingthreats md5"));
 
-	if (file_exists("{$snortdir}/{$emergingthreats_filename_md5}")) {
+	/* See if the file download was successful, and turn off ET update if it failed. */
+	if (0 == filesize("{$tmpfname}/$emergingthreats_filename_md5")){
+		update_output_window(gettext("EmergingThreats md5 file download failed.  EmergingThreats rules will not be updated."));
+		log_error(gettext("EmergingThreats md5 file download failed.  EmergingThreats rules will not be updated."));
+		error_log(gettext("\tEmergingThreats md5 file download failed.  EmergingThreats rules will not be updated.\n"), 3, $snort_rules_upd_log);
+		$emergingthreats = 'off';
+	}
+
+	if (file_exists("{$snortdir}/{$emergingthreats_filename_md5}") && $emergingthreats == "on") {
 		/* Check if were up to date emergingthreats.net */
 		$emerg_md5_check_new = file_get_contents("{$tmpfname}/{$emergingthreats_filename_md5}");
 		$emerg_md5_check_old = file_get_contents("{$snortdir}/{$emergingthreats_filename_md5}");
 		if ($emerg_md5_check_new == $emerg_md5_check_old) {
-			update_status(gettext("Emerging threat rules are up to date..."));
-			log_error(gettext("Emerging threat rules are up to date..."));
+			update_status(gettext("Emerging Threats rules are up to date..."));
+			log_error(gettext("Emerging Threat rules are up to date..."));
+			error_log(gettext("\tEmerging Threats rules are up to date.\n"), 3, $snort_rules_upd_log);
 			$emergingthreats = 'off';
 		}
 	}
@@ -164,8 +280,9 @@ if ($emergingthreats == 'on') {
 
 /* download emergingthreats rules file */
 if ($emergingthreats == "on") {
-	update_status(gettext("There is a new set of Emergingthreats rules posted. Downloading..."));
-	log_error(gettext("There is a new set of Emergingthreats rules posted. Downloading..."));
+	update_status(gettext("There is a new set of EmergingThreats rules posted. Downloading..."));
+	log_error(gettext("There is a new set of EmergingThreats rules posted. Downloading..."));
+	error_log(gettext("\tThere is a new set of EmergingThreats rules posted. Downloading...\n"), 3, $snort_rules_upd_log);
 
 	/* If using Sourcefire VRT rules with ET, then we should use the open-nogpl ET rules.  */
 	if ($vrt_enabled == "on")
@@ -173,24 +290,27 @@ if ($emergingthreats == "on") {
 	else
 		download_file_with_progress_bar("http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz", "{$tmpfname}/{$emergingthreats_filename}");
 
-	update_status(gettext('Done downloading Emergingthreats rules file.'));
-	log_error("Emergingthreats rules file update downloaded succsesfully");
+	/* Test for a valid rules file download.  Turn off ET update if download failed. */
+	if (150000 > filesize("{$tmpfname}/$emergingthreats_filename")){
+		update_output_window(gettext("EmergingThreats rules file download failed..."));
+		log_error(gettext("EmergingThreats rules file download failed..."));
+                log_error("Failed Rules Filesize: " . filesize("{$tmpfname}/$emergingthreats_filename"));
+		error_log(gettext("\tEmergingThreats rules file download failed.  EmergingThreats rules will not be updated.\n"), 3, $snort_rules_upd_log);
+		$emergingthreats = 'off';
+	}
+	else {
+		update_status(gettext('Done downloading EmergingThreats rules file.'));
+		log_error("EmergingThreats rules file update downloaded succsesfully");
+		error_log(gettext("\tDone downloading EmergingThreats rules file.\n"), 3, $snort_rules_upd_log);
+	}
 }
 
-/* Normalize rulesets */
-$sedcmd = "s/^#alert/# alert/g\n";
-$sedcmd .= "s/^##alert/# alert/g\n";
-$sedcmd .= "s/^#[ \\t#]*alert/# alert/g\n";
-$sedcmd .= "s/^##\\talert/# alert/g\n";
-$sedcmd .= "s/^\\talert/alert/g\n";
-$sedcmd .= "s/^[ \\t]*alert/alert/g\n";
-@file_put_contents("{$snortdir}/tmp/sedcmd", $sedcmd);
-
 /* Untar emergingthreats rules to tmp */
 if ($emergingthreats == 'on') {
 	safe_mkdir("{$snortdir}/tmp/emerging");
 	if (file_exists("{$tmpfname}/{$emergingthreats_filename}")) {
 		update_status(gettext("Extracting EmergingThreats.org rules..."));
+		error_log(gettext("\tExtracting and installing EmergingThreats.org rules...\n"), 3, $snort_rules_upd_log);
 		exec("/usr/bin/tar xzf {$tmpfname}/{$emergingthreats_filename} -C {$snortdir}/tmp/emerging rules/");
 
 		$files = glob("{$snortdir}/tmp/emerging/rules/*.rules");
@@ -199,7 +319,7 @@ if ($emergingthreats == 'on') {
 			@copy($file, "{$snortdir}/rules/{$newfile}");
 		}
 		/* IP lists for Emerging Threats rules */
-		$files = glob("{$snortdir}/tmp/emerging/rules/*.txt");
+		$files = glob("{$snortdir}/tmp/emerging/rules/*ips.txt");
 		foreach ($files as $file) {
 			$newfile = basename($file);
 			@copy($file, "{$snortdir}/rules/{$newfile}");
@@ -207,31 +327,33 @@ if ($emergingthreats == 'on') {
                 /* base etc files for Emerging Threats rules */
 		foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
 			if (file_exists("{$snortdir}/tmp/emerging/rules/{$file}"))
-				@copy("{$snortdir}/tmp/emerging/rules/{$file}", "{$snortdir}/ET_{$file}");
+				@copy("{$snortdir}/tmp/emerging/rules/{$file}", "{$snortdir}/tmp/ET_{$file}");
 		}
 
-//		/* make sure default rules are in the right format */
-//		exec("/usr/bin/sed -I '' -f {$snortdir}/tmp/sedcmd {$snortdir}/rules/emerging*.rules");
-
 		/*  Copy emergingthreats md5 sig to snort dir */
 		if (file_exists("{$tmpfname}/$emergingthreats_filename_md5")) {
-			update_status(gettext("Copying md5 sig to snort directory..."));
+			update_status(gettext("Copying md5 signature to snort directory..."));
 			@copy("{$tmpfname}/$emergingthreats_filename_md5", "{$snortdir}/$emergingthreats_filename_md5");
 		}
                 update_status(gettext("Extraction of EmergingThreats.org rules completed..."));
+		error_log(gettext("\tInstallation of EmergingThreats.org rules completed.\n"), 3, $snort_rules_upd_log);
+		exec("rm -r {$snortdir}/tmp/emerging");
 	}
 }
 
 /* Untar snort rules file individually to help people with low system specs */
 if ($snortdownload == 'on') {
 	if (file_exists("{$tmpfname}/{$snort_filename}")) {
-		if ($pfsense_stable == 'yes')
-			$freebsd_version_so = 'FreeBSD-7-2';
-		else
-			$freebsd_version_so = 'FreeBSD-8-1';
+
+		/* Currently, only FreeBSD-8-1 and FreeBSD-9-0 precompiled SO rules exist from Snort.org */
+		/* Default to FreeBSD 8.1, and then test for FreeBSD 9.x */
+		$freebsd_version_so = 'FreeBSD-8-1';
+		if (substr(php_uname("r"), 0, 1) == '9')
+			$freebsd_version_so = 'FreeBSD-9-0';
 
 		update_status(gettext("Extracting Snort VRT rules..."));
-		/* extract snort.org rules and  add prefix to all snort.org files*/
+		error_log(gettext("\tExtracting and installing Snort VRT rules...\n"), 3, $snort_rules_upd_log);
+		/* extract snort.org rules and add prefix to all snort.org files */
 		safe_mkdir("{$snortdir}/tmp/snortrules");
 		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp/snortrules rules/");
 		$files = glob("{$snortdir}/tmp/snortrules/rules/*.rules");
@@ -249,151 +371,196 @@ if ($snortdownload == 'on') {
 
 		/* extract so rules */
 		update_status(gettext("Extracting Snort VRT Shared Objects rules..."));
-		exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
+		exec('/bin/mkdir -p {$snortlibdir}/dynamicrules/');
+		error_log(gettext("\tUsing Snort VRT precompiled SO rules for {$freebsd_version_so} ...\n"), 3, $snort_rules_upd_log);
 		$snort_arch = php_uname("m");
 		$nosorules = false;
 		if ($snort_arch  == 'i386'){
 			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/");
-			exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/* /usr/local/lib/snort/dynamicrules/");
-		} else if ($snort_arch == 'amd64') {
+			exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/* {$snortlibdir}/dynamicrules/");
+		} elseif ($snort_arch == 'amd64') {
 			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/");
-			exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/* /usr/local/lib/snort/dynamicrules/");
+			exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/* {$snortlibdir}/dynamicrules/");
 		} else
 			$nosorules = true;
 		exec("rm -r {$snortdir}/tmp/so_rules");
 
 		if ($nosorules == false) {
-			/* extract so rules none bin and rename */
+			/* extract so stub rules, rename and copy to the rules folder. */
 		        update_status(gettext("Copying Snort VRT Shared Objects rules..."));
-			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp so_rules/");
+			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp --exclude precompiled/ --exclude src/ so_rules/");
 			$files = glob("{$snortdir}/tmp/so_rules/*.rules");
 			foreach ($files as $file) {
 				$newfile = basename($file, ".rules");
 				@copy($file, "{$snortdir}/rules/snort_{$newfile}.so.rules");
 			}
 			exec("rm -r {$snortdir}/tmp/so_rules");
-
-			/* extract base etc files */
-		        update_status(gettext("Extracting Snort VRT base config files..."));
-			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp etc/");
-			foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
-				if (file_exists("{$snortdir}/tmp/etc/{$file}"))
-					@copy("{$snortdir}/tmp/etc/{$file}", "{$snortdir}/VRT_{$file}");
-			}
-			exec("rm -r {$snortdir}/tmp/etc");
-
-			/* Untar snort signatures */
-			$signature_info_chk = $config['installedpackages']['snortglobal']['signatureinfo'];
-			if ($premium_url_chk == 'on') {
-				update_status(gettext("Extracting Snort VRT Signatures..."));
-				exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} doc/signatures/");
-				update_status(gettext("Done extracting Signatures."));
-
-				if (is_dir("{$snortdir}/doc/signatures")) {
-					update_status(gettext("Copying Snort VRT signatures..."));
-					exec("/bin/cp -r {$snortdir}/doc/signatures {$snortdir}/signatures");
-					update_status(gettext("Done copying signatures."));
-				}
+		}
+		
+		/* extract base etc files */
+	        update_status(gettext("Extracting Snort VRT config and map files..."));
+		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp etc/");
+		foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
+			if (file_exists("{$snortdir}/tmp/etc/{$file}"))
+				@copy("{$snortdir}/tmp/etc/{$file}", "{$snortdir}/tmp/VRT_{$file}");
+		}
+		exec("rm -r {$snortdir}/tmp/etc");
+
+		/* Untar snort signatures */
+		$signature_info_chk = $config['installedpackages']['snortglobal']['signatureinfo'];
+		if ($premium_url_chk == 'on') {
+			update_status(gettext("Extracting Snort VRT Signatures..."));
+			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} doc/signatures/");
+			update_status(gettext("Done extracting Signatures."));
+
+			if (is_dir("{$snortdir}/doc/signatures")) {
+				update_status(gettext("Copying Snort VRT signatures..."));
+				exec("/bin/cp -r {$snortdir}/doc/signatures {$snortdir}/signatures");
+				update_status(gettext("Done copying signatures."));
 			}
+		}
 
-			foreach (glob("/usr/local/lib/snort/dynamicrules/*example*") as $file)
-				@unlink($file);
-
-			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} preproc_rules/");
-
-//			/* make sure default rules are in the right format */
-//			exec("/usr/bin/sed -I '' -f {$snortdir}/tmp/sedcmd {$snortdir}/rules/snort_*.rules");
+		/* Extract the Snort preprocessor rules */
+		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp preproc_rules/");
 
-			if (file_exists("{$tmpfname}/{$snort_filename_md5}")) {
-				update_status(gettext("Copying md5 sig to snort directory..."));
-				@copy("{$tmpfname}/$snort_filename_md5", "{$snortdir}/$snort_filename_md5");
-			}
+		if (file_exists("{$tmpfname}/{$snort_filename_md5}")) {
+			update_status(gettext("Copying md5 signature to snort directory..."));
+			@copy("{$tmpfname}/$snort_filename_md5", "{$snortdir}/$snort_filename_md5");
 		}
-                update_status(gettext("Extraction of Snort VRT rules completed..."));
+		update_status(gettext("Extraction of Snort VRT rules completed..."));
+		error_log(gettext("\tInstallation of Snort VRT rules completed.\n"), 3, $snort_rules_upd_log);
 	}
 }
 
-/*  remove old $tmpfname files */
-if (is_dir("{$snortdir}/tmp")) {
-	update_status(gettext("Cleaning up after rules extraction..."));
-	exec("/bin/rm -r {$snortdir}/tmp");
-}
-
 function snort_apply_customizations($snortcfg, $if_real) {
 
+	global $vrt_enabled;
 	$snortdir = SNORTDIR;
+
+	/* Update the Preprocessor rules for the master configuration and for the interface if Snort VRT rules are in use. */
+	if ($vrt_enabled == 'on') {
+		exec("/bin/mkdir -p {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/preproc_rules");
+		$preproc_files = glob("{$snortdir}/tmp/preproc_rules/*.rules");
+		foreach ($preproc_files as $file) {
+			$newfile = basename($file);
+			@copy($file, "{$snortdir}/preproc_rules/{$newfile}"); 
+			/* Check if customized preprocessor rule protection is enabled for interface before overwriting them. */
+			if ($snortcfg['protect_preproc_rules'] <> 'on')
+				@copy($file, "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/preproc_rules/{$newfile}");
+		}
+	}
+	else {
+		exec("/bin/mkdir -p {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/preproc_rules");
+	}
+
 	snort_prepare_rule_files($snortcfg, "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
 
-	/* Copy the master *.config and other *.map files to the interface's directory */
-	@copy("{$snortdir}/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config");
-	@copy("{$snortdir}/gen-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/gen-msg.map");
-	@copy("{$snortdir}/reference.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/reference.config");
-	@copy("{$snortdir}/unicode.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/unicode.map");
+	/* Copy the master config and map files to the interface directory */
+	@copy("{$snortdir}/tmp/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config");
+	@copy("{$snortdir}/tmp/gen-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/gen-msg.map");
+	@copy("{$snortdir}/tmp/reference.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/reference.config");
+	@copy("{$snortdir}/tmp/unicode.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/unicode.map");
 }
 
-if ($snortdownload == 'on' || $emergingthreats == 'on') {
+if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules == 'on') {
 
 	update_status(gettext('Copying new config and map files...'));
+	error_log(gettext("\tCopying new config and map files...\n"), 3, $snort_rules_upd_log);
 
-        /* Determine which base etc file set to use for the master copy.      */
-        /* If the Snort VRT rules are not enabled, then use Emerging Threats. */
+        /* Determine which config and map file set to use for the master copy. */
+        /* If the Snort VRT rules are not enabled, then use Emerging Threats.  */
         if (($vrt_enabled == 'off') && ($et_enabled == 'on')) {
 		foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
-			if (file_exists("{$snortdir}/ET_{$file}"))
-				@rename("{$snortdir}/ET_{$file}", "{$snortdir}/{$file}");
+			if (file_exists("{$snortdir}/tmp/ET_{$file}"))
+				@rename("{$snortdir}/tmp/ET_{$file}", "{$snortdir}/tmp/{$file}");
 		}
         }
         elseif (($vrt_enabled == 'on') && ($et_enabled == 'off')) {
 		foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
-			if (file_exists("{$snortdir}/VRT_{$file}"))
-				@rename("{$snortdir}/VRT_{$file}", "{$snortdir}/{$file}");
+			if (file_exists("{$snortdir}/tmp/VRT_{$file}"))
+				@rename("{$snortdir}/tmp/VRT_{$file}", "{$snortdir}/tmp/{$file}");
                 }
         }
-        else {
+        elseif (($vrt_enabled == 'on') && ($et_enabled == 'on')) {
                /* Both VRT and ET rules are enabled, so build combined  */
                /* reference.config and classification.config files.     */
-                $cfgs = glob("{$snortdir}/*reference.config");
-                snort_merge_reference_configs($cfgs, "{$snortdir}/reference.config");
-                $cfgs = glob("{$snortdir}/*classification.config");
-                snort_merge_classification_configs($cfgs, "{$snortdir}/classification.config");
-        }
-
-        /* Clean-up our temp versions of the config and map files.      */
-	update_status(gettext('Cleaning up temp files...'));
-        $cfgs = glob("{$snortdir}/??*_*.config");
-        foreach ($cfgs as $file) {
-                if (file_exists($file))
-			@unlink($file);
-        }
-        $cfgs = glob("{$snortdir}/??*_*.map");
-        foreach ($cfgs as $file) {
-                if (file_exists($file))
-			@unlink($file);
+                $cfgs = glob("{$snortdir}/tmp/*reference.config");
+                snort_merge_reference_configs($cfgs, "{$snortdir}/tmp/reference.config");
+                $cfgs = glob("{$snortdir}/tmp/*classification.config");
+                snort_merge_classification_configs($cfgs, "{$snortdir}/tmp/classification.config");
+
+		/* Use the unicode.map and gen-msg.map files from VRT rules. */
+		if (file_exists("{$snortdir}/tmp/VRT_unicode.map"))
+			@rename("{$snortdir}/tmp/VRT_unicode.map", "{$snortdir}/tmp/gen-msg.map");
+		if (file_exists("{$snortdir}/tmp/VRT_gen-msg.map"))
+			@rename("{$snortdir}/tmp/VRT_gen-msg.map", "{$snortdir}/tmp/gen-msg.map");
         }
+	else {
+		/* Just Snort GPLv2 Community Rules may be enabled, so make sure required */
+		/* default config files are present in the rules extraction tmp working   */
+		/* directory. Only copy missing files not captured in logic above.        */
+
+		$snort_files = array("gen-msg.map", "classification.config", "reference.config", "unicode.map");
+		foreach ($snort_files as $file) {
+			if (file_exists("{$snortdir}/{$file}") && !file_exists("{$snortdir}/tmp/{$file}"))
+				@copy("{$snortdir}/{$file}", "{$snortdir}/tmp/{$file}");
+		}
+	}
 
-	/* Start the proccess for each configured interface */
+	/* Start the rules rebuild proccess for each configured interface */
 	if (is_array($config['installedpackages']['snortglobal']['rule'])) {
-		foreach ($config['installedpackages']['snortglobal']['rule'] as $id => $value) {
 
-			/* Create configuration for each active Snort interface */
+		/* Set the flag to force rule rebuilds since we downloaded new rules,    */
+		/* except when in post-install mode.  Post-install does its own rebuild. */
+		if ($is_postinstall)
+			$rebuild_rules = 'off';
+		else
+			$rebuild_rules = 'on';
+
+		/* Create configuration for each active Snort interface */
+		foreach ($config['installedpackages']['snortglobal']['rule'] as $id => $value) {
 			$if_real = snort_get_real_interface($value['interface']);
 			$tmp = "Updating rules configuration for: " . snort_get_friendly_interface($value['interface']) . " ...";
 			update_status(gettext($tmp));
-			log_error($tmp);
 			snort_apply_customizations($value, $if_real);
+
+			/*  Log a message in Update Log if protecting customized preprocessor rules. */
+			$tmp = "\t" . $tmp . "\n";
+			if ($value['protect_preproc_rules'] == 'on') {
+				$tmp .= gettext("\tPreprocessor text rules flagged as protected and not updated for ");
+				$tmp .= snort_get_friendly_interface($value['interface']) . "...\n";
+			}
+			error_log($tmp, 3, $snort_rules_upd_log);
 		}
 	}
-	update_status(gettext('Restarting Snort to activate the new set of rules...'));
-        exec("/bin/sh /usr/local/etc/rc.d/snort.sh restart");
-        sleep(20);
-        if (!is_process_running("snort"))
-               exec("/bin/sh /usr/local/etc/rc.d/snort.sh start");
-        update_output_window(gettext("Snort has restarted with your new set of rules..."));
-        log_error("Snort has restarted with your new set of rules...");
+	else {
+	        update_output_window(gettext("Warning:  No interfaces configured for Snort were found..."));
+		error_log(gettext("\tWarning:  No interfaces configured for Snort were found...\n"), 3, $snort_rules_upd_log);
+	}
+
+	/* Clear the rebuild rules flag.  */
+	$rebuild_rules = 'off';
+
+	/*  remove old $tmpfname files */
+	if (is_dir("{$snortdir}/tmp")) {
+		update_status(gettext("Cleaning up after rules extraction..."));
+		exec("/bin/rm -r {$snortdir}/tmp");
+	}
+
+	/* Restart snort if already running to pick up the new rules. */
+       	if (is_process_running("snort")) {
+		update_status(gettext('Restarting Snort to activate the new set of rules...'));
+		error_log(gettext("\tRestarting Snort to activate the new set of rules...\n"), 3, $snort_rules_upd_log);
+       		exec("/bin/sh /usr/local/etc/rc.d/snort.sh restart");
+	        update_output_window(gettext("Snort has restarted with your new set of rules..."));
+       		log_error(gettext("Snort has restarted with your new set of rules..."));
+		error_log(gettext("\tSnort has restarted with your new set of rules.\n"), 3, $snort_rules_upd_log);
+	}
 }
 
 update_status(gettext("The Rules update has finished..."));
-log_error("The Rules update has finished...");
+log_error(gettext("The Rules update has finished."));
+error_log(gettext("The Rules update has finished.  Time: " . date("Y-m-d H:i:s"). "\n\n"), 3, $snort_rules_upd_log);
 conf_mount_ro();
 
 ?>
diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php
index 4085b325..7fb435ed 100755
--- a/config/snort/snort_define_servers.php
+++ b/config/snort/snort_define_servers.php
@@ -126,7 +126,9 @@ if ($_POST) {
 
 		write_config();
 
-		sync_snort_package_config();
+		/* Update the snort conf file for this interface. */
+		$rebuild_rules = "off";
+		snort_generate_conf($a_nat[$id]);
 
 		/* after click go to this page */
 		header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php
index 0c879e44..369e3094 100755
--- a/config/snort/snort_download_updates.php
+++ b/config/snort/snort_download_updates.php
@@ -36,16 +36,18 @@
 require_once("guiconfig.inc");
 require_once("/usr/local/pkg/snort/snort.inc");
 
-global $g;
+global $g, $snort_rules_upd_log, $snort_rules_file, $emergingthreats_filename;
 
 $snortdir = SNORTDIR;
-$snort_upd_log = "/tmp/snort_update.log";
+
+$log = $snort_rules_upd_log;
 
 /* load only javascript that is needed */
 $snort_load_jquery = 'yes';
 $snort_load_jquery_colorbox = 'yes';
 $snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
 $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
+$snortcommunityrules = $config['installedpackages']['snortglobal']['snortcommunityrules'];
 
 /* quick md5s chk */
 $snort_org_sig_chk_local = 'N/A';
@@ -53,13 +55,28 @@ if (file_exists("{$snortdir}/{$snort_rules_file}.md5"))
 	$snort_org_sig_chk_local = file_get_contents("{$snortdir}/{$snort_rules_file}.md5");
 
 $emergingt_net_sig_chk_local = 'N/A';
-if (file_exists("{$snortdir}/emerging.rules.tar.gz.md5"))
-	$emergingt_net_sig_chk_local = file_get_contents("{$snortdir}/emerging.rules.tar.gz.md5");
+if (file_exists("{$snortdir}/{$emergingthreats_filename}.md5"))
+	$emergingt_net_sig_chk_local = file_get_contents("{$snortdir}/{$emergingthreats_filename}.md5");
+
+$snort_community_sig_chk_local = 'N/A';
+if (file_exists("{$snortdir}/{$snort_community_rules_filename}.md5"))
+	$snort_community_sig_chk_local = file_get_contents("{$snortdir}/{$snort_community_rules_filename}.md5");
+
+/* Check for postback to see if we should clear the update log file. */
+if (isset($_POST['clear'])) {
+	if (file_exists("{$snort_rules_upd_log}"))
+		mwexec("/bin/rm -f {$snort_rules_upd_log}");
+}
+
+if (isset($_POST['update'])) {
+	header("Location: /snort/snort_download_rules.php");
+	exit;
+}
 
 /* check for logfile */
-$update_logfile_chk = 'no';
-if (file_exists("{$snort_upd_log}"))
-	$update_logfile_chk = 'yes';
+$snort_rules_upd_logfile_chk = 'no';
+if (file_exists("{$snort_rules_upd_log}"))
+	$snort_rules_upd_logfile_chk = 'yes';
 
 $pgtitle = "Services: Snort: Updates";
 include_once("head.inc");
@@ -78,12 +95,14 @@ function popup(url)
  params += ', top=0, left=0'
  params += ', fullscreen=yes';
 
- newwin=window.open(url,'windowname4', params);
+ newwin=window.open(url,'LogViewer', params);
  if (window.focus) {newwin.focus()}
  return false;
 }
 </script>
 
+<form action="snort_download_updates.php" method="post" name="iform" id="iform">
+
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tr><td>
 <?php
@@ -101,8 +120,7 @@ function popup(url)
 <tr>
 		<td>
 		<div id="mainarea3">
-		<table id="maintable4" class="tabcont" width="100%" border="0"
-			cellpadding="0" cellspacing="0">
+		<table id="maintable4" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 			<tr align="center">
 				<td>
 				<br/>
@@ -112,14 +130,15 @@ function popup(url)
 						<td id="download_rules_td" style="background-color: #eeeeee">
 						<div height="32" width="725px" style="background-color: #eeeeee">
 
-						<font color="#777777" size="1.5px">
+						<font color="#777777" size="2.5px">
 						<p style="text-align: left; margin-left: 225px;">
-							<b><?php echo gettext("INSTALLED SIGNATURE RULESET"); ?></b></font><br>
-							<br>
-							<font color="#FF850A" size="1px"><b>SNORT.ORG >>></b></font>
+							<b><?php echo gettext("INSTALLED RULESET SIGNATURES"); ?></b></font><br/>
+							<font color="#FF850A" size="1px"><b>SNORT.ORG&nbsp;&nbsp;--></b></font>
 							<font size="1px" color="#000000">&nbsp;&nbsp;<? echo $snort_org_sig_chk_local; ?></font><br>
-							<font color="#FF850A" size="1px"><b>EMERGINGTHREATS.NET >>></b></font>
+							<font color="#FF850A" size="1px"><b>EMERGINGTHREATS.NET&nbsp;&nbsp;--></b></font>
 							<font size="1px" color="#000000">&nbsp;&nbsp;<? echo $emergingt_net_sig_chk_local; ?></font><br>
+							<font color="#FF850A" size="1px"><b>SNORT GPLv2 COMMUNITY RULES&nbsp;&nbsp;--></b></font>
+							<font size="1px" color="#000000">&nbsp;&nbsp;<? echo $snort_community_sig_chk_local; ?></font><br>
 						</p>
 						</div>
 						</td>
@@ -133,14 +152,14 @@ function popup(url)
 						<div height="32" width="725px" style='background-color: #eeeeee'>
 
 						<p style="text-align: left; margin-left: 225px;">
-						<font color='#777777' size='1.5px'><b><?php echo gettext("UPDATE YOUR RULES"); ?></b></font><br>
+						<font color='#777777' size='2.5px'><b><?php echo gettext("UPDATE YOUR RULESET"); ?></b></font><br>
 						<br/>
 
 			<?php
 
 						if ($snortdownload != 'on' && $emergingthreats != 'on') {
 							echo '
-			<button disabled="disabled"><span class="download">' . gettext("Update Rules") . '&nbsp;&nbsp;&nbsp;&nbsp;</span></button><br/>
+			<button disabled="disabled"><span class="download">' . gettext("Update Rules") . '</span></button><br/>
 			<p style="text-align:left; margin-left:150px;">
 			<font color="#fc3608" size="2px"><b>' . gettext("WARNING:") . '</b></font><font size="1px" color="#000000">&nbsp;&nbsp;' . gettext('No rule types have been selected for download. "Global Settings Tab"') . '</font><br>';
 
@@ -148,7 +167,7 @@ function popup(url)
 						} else {
 
 							echo '
-			<a href="/snort/snort_download_rules.php"><button ><span class="download">' . gettext("Update Rules") . '&nbsp;&nbsp;&nbsp;&nbsp;</span></button></a><br/>' . "\n";
+			<input type="submit" value="' . gettext("Update Rules") . '" name="update" id="Submit" class="formbtn" /><br/>' . "\n";
 
 						}
 
@@ -166,19 +185,19 @@ function popup(url)
 						<div height="32" width="725px" style='background-color: #eeeeee'>
 
 						<p style="text-align: left; margin-left: 225px;">
-						<font color='#777777' size='1.5px'><b><?php echo gettext("VIEW UPDATE LOG"); ?></b></font><br>
+						<font color='#777777' size='2.5px'><b><?php echo gettext("VIEW UPDATE LOG"); ?></b></font><br>
 						<br>
-
 				<?php
 
-						if ($update_logfile_chk == 'yes') {
+						if ($snort_rules_upd_logfile_chk == 'yes') {
 							echo "
-				<button href='/snort/snort_rules_edit.php?openruleset={$snort_upd_log}'><span class='pwhitetxt'>" . gettext("Update Log") . "&nbsp;&nbsp;&nbsp;&nbsp;</span></button>\n";
+				<button class=\"formbtn\" onclick=\"popup('snort_log_view.php?logfile={$log}')\"><span class='pwhitetxt'>" . gettext("View Log") . "</span></button>";
+				echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" value=\"Clear Log\" name=\"clear\" id=\"Submit\" class=\"formbtn\" />\n";
 						}else{
 							echo "
-				<button disabled='disabled' href='/snort/snort_rules_edit.php?openruleset={$snort_upd_log}'><span class='pwhitetxt'>" . gettext("Update Log") . "&nbsp;&nbsp;&nbsp;&nbsp;</span></button>\n";
+				<button disabled='disabled'><span class='pwhitetxt'>" . gettext("View Log") . "</span></button>&nbsp;&nbsp;&nbsp;" . gettext("Log is empty.") . "\n";
 						}
-							
+						echo '<br><br>' . gettext("The log file is limited to 1024K in size and automatically clears when the limit is exceeded.");
 				?>
 						<br/>
 						</p>
@@ -194,8 +213,8 @@ function popup(url)
 					<tr>
 						<td id="download_rules_td" style='background-color: #eeeeee'>
 						<div height="32" width="725px" style='background-color: #eeeeee'>
-							<font color='#FF850A' size='1px'><b><?php echo gettext("NOTE:"); ?></b></font><font size='1px'
-								color='#000000'>&nbsp;&nbsp;<?php echo gettext("Snort.org and Emergingthreats.net " .
+							<font size='1px'><span class="red"><b><?php echo gettext("NOTE:"); ?></b></span></font><font size='1px'
+								color='#000000'>&nbsp;&nbsp;<?php echo gettext("Snort.org and EmergingThreats.net " .
 								"will go down from time to time. Please be patient."); ?>
 							</font>
 						</div>
@@ -207,16 +226,12 @@ function popup(url)
 			</tr>
 		</table>
 		</div>
-
-
-
-
-
 		<br>
 		</td>
 	</tr>
 </table>
 <!-- end of final table --></div>
+		</form>
 <?php include("fend.inc"); ?>
 </body>
 </html>
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index e8e690a8..4f85c1f4 100755
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -61,10 +61,14 @@ if (isset($_POST['del_x'])) {
 		}
 		conf_mount_ro();
 	  
+		/* If all the Snort interfaces are removed, then unset the config array. */
+		if (empty($a_nat))
+			unset($a_nat);
+
 		write_config();
 		sleep(2);
 	  
-		/* if there are no ifaces do not create snort.sh */
+		/* if there are no ifaces remaining do not create snort.sh */
 		if (!empty($config['installedpackages']['snortglobal']['rule']))
 			snort_create_rc();
 		else {
@@ -228,7 +232,7 @@ if ($pfsense_stable == 'yes')
 	else
 		$biconfn = 'block';
 
-	?>
+?>
 		<td class="listt">
 			<input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0;"></td>
 		<td class="listr" 
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index d0fabbf4..76763553 100755
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -31,7 +31,7 @@
 require_once("guiconfig.inc");
 require_once("/usr/local/pkg/snort/snort.inc");
 
-global $g;
+global $g, $rebuild_rules;
 
 if (!is_array($config['installedpackages']['snortglobal']))
 	$config['installedpackages']['snortglobal'] = array();
@@ -50,10 +50,15 @@ if (is_null($id)) {
 }
 
 $pconfig = array();
-if (empty($snortglob['rule'][$id]['uuid']))
+if (empty($snortglob['rule'][$id]['uuid'])) {
+	/* Adding new interface, so flag rules to build. */
 	$pconfig['uuid'] = snort_generate_id();
-else
+	$rebuild_rules = "on";
+}
+else {
 	$pconfig['uuid'] = $a_rule[$id]['uuid'];
+	$rebuild_rules = "off";
+}
 $snort_uuid = $pconfig['uuid'];
 
 if (isset($id) && $a_rule[$id]) {
@@ -77,14 +82,6 @@ if ($_POST["Submit"]) {
 
 	if (!$_POST['interface'])
 		$input_errors[] = "Interface is mandatory";
-/*
-	foreach ($a_rule as $natent) {
-		if (isset($id) && ($a_rule[$id]) && ($a_rule[$id] === $natent))
-			continue;
-		if ($natent['interface'] == $_POST['interface'])
-			$input_errors[] = "This interface is already configured for another instance";
-	}
-*/
 
 	/* if no errors write to conf */
 	if (!$input_errors) {
@@ -118,10 +115,16 @@ if ($_POST["Submit"]) {
 		} else
 			$a_rule[] = $natent;
 
+		/* If Snort is disabled on this interface, stop any running instance */
 		if ($natent['enable'] != 'on')
 			snort_stop($natent, $if_real);
+
+		/* Save configuration changes */
 		write_config();
-		sync_snort_package_config();
+
+		/* Update snort.conf file for this interface */
+		$rebuild_rules = "off";
+		snort_generate_conf($a_rule[$id]);
 
 		header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
 		header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php
index 9dde8aaf..9c63ac04 100644
--- a/config/snort/snort_interfaces_global.php
+++ b/config/snort/snort_interfaces_global.php
@@ -50,6 +50,8 @@ $pconfig['snortloglimit'] = $config['installedpackages']['snortglobal']['snortlo
 $pconfig['snortloglimitsize'] = $config['installedpackages']['snortglobal']['snortloglimitsize'];
 $pconfig['autorulesupdate7'] = $config['installedpackages']['snortglobal']['autorulesupdate7'];
 $pconfig['forcekeepsettings'] = $config['installedpackages']['snortglobal']['forcekeepsettings'];
+$pconfig['snortcommunityrules'] = $config['installedpackages']['snortglobal']['snortcommunityrules'];
+
 
 /* if no errors move foward */
 if (!$input_errors) {
@@ -58,7 +60,9 @@ if (!$input_errors) {
 
 		$config['installedpackages']['snortglobal']['snortdownload'] = $_POST['snortdownload'];
 		$config['installedpackages']['snortglobal']['oinkmastercode'] = $_POST['oinkmastercode'];
+		$config['installedpackages']['snortglobal']['snortcommunityrules'] = $_POST['snortcommunityrules'] ? 'on' : 'off';
 		$config['installedpackages']['snortglobal']['emergingthreats'] = $_POST['emergingthreats'] ? 'on' : 'off';
+
 		$config['installedpackages']['snortglobal']['rm_blocked'] = $_POST['rm_blocked'];
 		if ($_POST['snortloglimitsize']) {
 			$config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit'];
@@ -110,6 +114,20 @@ if ($input_errors)
 
 ?>
 
+<script language="JavaScript">
+<!--
+function enable_snort_vrt(btn) {
+	if (btn == 'off') {
+		document.iform.oinkmastercode.disabled = "true";
+	}
+	if (btn == 'on') {
+		document.iform.oinkmastercode.disabled = "";
+	}	
+}
+//-->
+</script>
+
+
 <form action="snort_interfaces_global.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tr><td class="tabnavtbl">
@@ -124,7 +142,8 @@ if ($input_errors)
         $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
         display_top_tabs($tab_array);
 ?>
-</td></tr>
+</td>
+</tr>
 <tr>
 	<td class="tabcont">
 	<table width="100%" border="0" cellpadding="6" cellspacing="0">
@@ -132,55 +151,69 @@ if ($input_errors)
 	<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Please Choose The " .
 		"Type Of Rules You Wish To Download"); ?></td>
 </tr>
-	<td width="22%" valign="top" class="vncell"><?php echo gettext("Install Snort.org rules"); ?></td>
+	<td width="22%" valign="top" class="vncell"><?php printf(gettext("Install %sSnort VRT%s rules"), '<strong>' , '</strong>'); ?></td>
 	<td width="78%" class="vtable">
-		<table cellpadding="0" cellspacing="0">
+		<table width="100%" border="0" cellpadding="2" cellspacing="0">
 		<tr>
-			<td colspan="2"><input name="snortdownload" type="radio"
-				id="snortdownload" value="off" 
-<?php if($pconfig['snortdownload']=='off' || $pconfig['snortdownload']=='') echo 'checked'; ?>>
-			<?php printf(gettext("Do %sNOT%s Install"), '<strong>',  '</strong>'); ?></td>
+			<td><input name="snortdownload" type="radio" id="snortdownload" value="off" onclick="enable_snort_vrt('off')"  
+			<?php if($pconfig['snortdownload']=='off' || $pconfig['snortdownload']=='') echo 'checked'; ?> >&nbsp;&nbsp;</td>
+			<td><span class="vexpl"><?php printf(gettext("Do %sNOT%s Install"), '<strong>',  '</strong>'); ?></span></td>
 		</tr>
 		<tr>
-			<td colspan="2"><input name="snortdownload" type="radio"
-				id="snortdownload" value="on" 
-	<?php if($pconfig['snortdownload']=='on') echo 'checked'; ?>> <?php echo gettext("Install " .
-	"Basic Rules or Premium rules"); ?> <br>
-			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a
-				href="https://www.snort.org/signup" target="_blank"><?php echo gettext("Sign Up for a " .
-			"Basic Rule Account"); ?></a><br>
-			&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a
-				href="http://www.snort.org/vrt/buy-a-subscription"
-				target="_blank"><?php echo gettext("Sign Up for Sourcefire VRT Certified Premium " .
-			"Rules. This Is Highly Recommended"); ?></a></td>
-		</tr>
+			<td><input name="snortdownload" type="radio" id="snortdownload" value="on" onclick="enable_snort_vrt('on')" 
+			<?php if($pconfig['snortdownload']=='on') echo 'checked'; ?>></td>
+			<td><span class="vexpl"><?php echo gettext("Install Basic Rules or Premium rules"); ?></span></td>
 		<tr>
 			<td>&nbsp;</td>
+			<td><a href="https://www.snort.org/signup" target="_blank"><?php echo gettext("Sign Up for a Basic Rule Account"); ?> </a><br>
+			<a href="http://www.snort.org/vrt/buy-a-subscription" target="_blank">
+			<?php echo gettext("Sign Up for Sourcefire VRT Certified Premium Rules.  This Is Highly Recommended"); ?></a></td>
 		</tr>
-	</table>
-	<table width="100%" border="0" cellpadding="6" cellspacing="0">
 		<tr>
-			<td colspan="2" valign="top" class="optsect_t2"><?php echo gettext("Oinkmaster code"); ?></td>
+			<td colspan="2">&nbsp;</td>
 		</tr>
+		</table>
+		<table width="100%" border="0" cellpadding="2" cellspacing="0">
 		<tr>
-			<td class="vncell" valign="top"><?php echo gettext("Code"); ?></td>
-			<td class="vtable"><input name="oinkmastercode" type="text"
+			<td colspan="2" valign="top"><b><span class="vexpl"><?php echo gettext("Oinkmaster Configuration"); ?></span></b></td>
+		</tr>
+		<tr>
+			<td valign="top"><span class="vexpl"><strong><?php echo gettext("Code"); ?><strong></span</td>
+			<td><input name="oinkmastercode" type="text"
 				class="formfld" id="oinkmastercode" size="52"
-				value="<?=htmlspecialchars($pconfig['oinkmastercode']);?>"><br>
-			<?php echo gettext("Obtain a snort.org Oinkmaster code and paste here."); ?></td>
-	
+				value="<?=htmlspecialchars($pconfig['oinkmastercode']);?>" 
+				<?php if($pconfig['snortdownload']<>'on') echo 'disabled'; ?>><br>
+			<?php echo gettext("Obtain a snort.org Oinkmaster code and paste it here."); ?></td>
+		</tr>
 	</table>
-
 </tr>
 <tr>
-	<td width="22%" valign="top" class="vncell"><?php printf(gettext("Install %sEmergingthreats%s " .
+	<td width="22%" valign="top" class="vncell"><?php printf(gettext("Install %sSnort Community%s " .
 	"rules"), '<strong>' , '</strong>'); ?></td>
-	<td width="78%" class="vtable"><input name="emergingthreats"
-		type="checkbox" value="yes"
-		<?php if ($config['installedpackages']['snortglobal']['emergingthreats']=="on") echo "checked"; ?>
-		><br>
-	<?php echo gettext("Emerging Threats is an open source community that produces fastest " .
-	"moving and diverse Snort Rules."); ?></td>
+	<td width="78%" class="vtable">
+		<table width="100%" border="0" cellpadding="2" cellspacing="0">
+			<tr>
+				<td valign="top" width="8%"><input name="snortcommunityrules" type="checkbox" value="yes"
+				<?php if ($config['installedpackages']['snortglobal']['snortcommunityrules']=="on") echo "checked"; ?> ></td>
+				<td><span class="vexpl"><?php echo gettext("The Snort Community Ruleset is a GPLv2 VRT certified ruleset that is distributed free of charge " .
+				"without any VRT License restrictions.  This ruleset is updated daily and is a subset of the subscriber ruleset."); ?>
+				<br/><br/><?php printf(gettext("%sNote:  %sIf you are a Snort VRT Paid Subscriber, the community ruleset is already built into your download of the Snort VRT rules, and there is no benefit in adding this rule set."),'<span class="red"><strong>' ,'</strong></span>'); ?></span><br></td>
+			</tr>
+		</table></td>
+</tr>
+<tr>
+	<td width="22%" valign="top" class="vncell"><?php printf(gettext("Install %sEmerging Threats%s " .
+	"rules"), '<strong>' , '</strong>'); ?></td>
+	<td width="78%" class="vtable">
+		<table width="100%" border="0" cellpadding="2" cellspacing="0">
+			<tr>
+				<td valign="top" width="8%"><input name="emergingthreats" type="checkbox" value="yes" 
+				<?php if ($config['installedpackages']['snortglobal']['emergingthreats']=="on") echo "checked"; ?>>
+				<td><span class="vexpl"><?php echo gettext("Emerging Threats is an open source community that produces fast " .
+				"moving and diverse Snort Rules."); ?></span></td>
+			</tr>
+		</table>
+	</td>
 </tr>
 <tr>
 	<td width="22%" valign="top" class="vncell"><?php echo gettext("Update rules " .
@@ -194,9 +227,9 @@ if ($input_errors)
 		<?php if ($iface3 == $pconfig['autorulesupdate7']) echo "selected"; ?>>
 			<?=htmlspecialchars($ifacename3);?></option>
 			<?php endforeach; ?>
-	</select><br>
-	<span class="vexpl"><?php echo gettext("Please select the update times for rules."); ?><br>
-	<?php echo gettext("Hint: in most cases, every 12 hours is a good choice."); ?></span></td>
+	</select><span class="vexpl">&nbsp;&nbsp;<?php echo gettext("Please select the update times for rules."); ?><br/><br/>
+	
+	<?php printf(gettext("%sHint%s: in most cases, every 12 hours is a good choice."), '<span class="red"><strong>','</strong></span>'); ?></span></td>
 </tr>
 <tr>
 	<td colspan="2" valign="top" class="listtopic"><?php echo gettext("General Settings"); ?></td>
@@ -209,20 +242,20 @@ if ($input_errors)
 	<br/>
 	<br/>
 	<span class="red"><strong><?php echo gettext("Note"); ?></span>:</strong><br>
-	<?php echo gettext("Available space is"); ?> <strong><?php echo $snortlogCurrentDSKsize; ?>MB</strong></td>
+	<?php echo gettext("Available space is"); ?> <strong><?php echo $snortlogCurrentDSKsize; ?>&nbsp;MB</strong></td>
 	<td width="78%" class="vtable">
 	<table cellpadding="0" cellspacing="0">
 		<tr>
 			<td colspan="2"><input name="snortloglimit" type="radio"
 				id="snortloglimit" value="on" 
-<?php if($pconfig['snortloglimit']=='on') echo 'checked'; ?>>
-		<strong><?php echo gettext("Enable"); ?></strong> <?php echo gettext("directory size limit"); ?> (<strong><?php echo gettext("Default"); ?></strong>)</td>
+<?php if($pconfig['snortloglimit']=='on') echo 'checked'; ?>><span class="vexpl">
+		<strong><?php echo gettext("Enable"); ?></strong> <?php echo gettext("directory size limit"); ?> (<strong><?php echo gettext("Default"); ?></strong>)</span></td>
 		</tr>
 		<tr>
 			<td colspan="2"><input name="snortloglimit" type="radio"
 				id="snortloglimit" value="off" 
-<?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>> <strong><?php echo gettext("Disable"); ?></strong>
-			<?php echo gettext("directory size limit"); ?><br>
+<?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>> <span class="vexpl"><strong><?php echo gettext("Disable"); ?></strong>
+			<?php echo gettext("directory size limit"); ?></span><br>
 			<br>
 			<span class="red"><strong><?php echo gettext("Warning"); ?></span>:</strong> <?php echo gettext("Nanobsd " .
 			"should use no more than 10MB of space."); ?></td>
@@ -231,18 +264,16 @@ if ($input_errors)
 			<td>&nbsp;</td>
 		</tr>
 	</table>
-	<table width="100%" border="0" cellpadding="6" cellspacing="0">
+	<table width="100%" border="0" cellpadding="2" cellspacing="0">
 		<tr>
-			<td class="vncell3"><?php echo gettext("Size in"); ?> <strong>MB</strong></td>
-			<td class="vtable"><input name="snortloglimitsize" type="text"
-				class="formfld" id="snortloglimitsize" size="7"
-				value="<?=htmlspecialchars($pconfig['snortloglimitsize']);?>">
-			<?php echo gettext("Default is"); ?> <strong>20%</strong> <?php echo gettext("of available space."); ?></td>
-	
+			<td><span class="vexpl"><?php echo gettext("Size in"); ?> <strong>MB</strong><span></td>
+			<td><input name="snortloglimitsize" type="text" class="formfld" id="snortloglimitsize" size="7" value="
+			<?=htmlspecialchars($pconfig['snortloglimitsize']);?>">&nbsp;&nbsp;
+			<?php printf(gettext("Default is %s20%%%s of available space."), '<strong>', '</strong>'); ?></td>
+		</tr>
 	</table>
 
 </tr>
-
 <tr>
 	<td width="22%" valign="top" class="vncell"><?php echo gettext("Remove blocked hosts " .
 	"every"); ?></td>
@@ -255,10 +286,9 @@ if ($input_errors)
 		<?php if ($iface3 == $pconfig['rm_blocked']) echo "selected"; ?>>
 			<?=htmlspecialchars($ifacename3);?></option>
 			<?php endforeach; ?>
-	</select><br>
-	<span class="vexpl"><?php echo gettext("Please select the amount of time you would like " .
-	"hosts to be blocked for."); ?><br>
-	<?php echo gettext("Hint: in most cases, 1 hour is a good choice."); ?></span></td>
+	</select>&nbsp;&nbsp;
+	<?php echo gettext("Please select the amount of time you would like hosts to be blocked for."); ?><br/><br/>
+	<?php printf(gettext("%sHint:%s in most cases, 1 hour is a good choice."), '<span class="red"><strong>', '</strong></span>'); ?></td>
 </tr>
 <tr>
 	<td width="22%" valign="top" class="vncell"><?php echo gettext("Keep snort settings " .
@@ -266,8 +296,7 @@ if ($input_errors)
 	<td width="78%" class="vtable"><input name="forcekeepsettings"
 		id="forcekeepsettings" type="checkbox" value="yes"
 		<?php if ($config['installedpackages']['snortglobal']['forcekeepsettings']=="on") echo "checked"; ?>
-		><br>
-	<?php echo gettext("Settings will not be removed during deinstall."); ?></td>
+		>&nbsp;&nbsp;<?php echo gettext("Settings will not be removed during deinstall."); ?></td>
 </tr>
 <tr>
 	<td width="22%" valign="top">
@@ -279,8 +308,8 @@ if ($input_errors)
 	<td width="22%" valign="top">&nbsp;</td>
 	<td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?><br>
 	</strong></span> <?php echo gettext("Changing any settings on this page will affect all " .
-	"interfaces. Please, double check if your oink code is correct and " .
-				"the type of snort.org account you hold."); ?></span></td>
+	"interfaces. Double check that your oink code is correct, and verify the " .
+				"type of Snort.org account you hold."); ?></span></td>
 </tr>
 	</table>
 </td></tr>
diff --git a/config/snort/snort_log_view.php b/config/snort/snort_log_view.php
new file mode 100644
index 00000000..6d38a8cb
--- /dev/null
+++ b/config/snort/snort_log_view.php
@@ -0,0 +1,86 @@
+<?php
+/*
+ * snort_log_view.php
+ *
+ * Copyright (C) 2004, 2005 Scott Ullrich
+ * Copyright (C) 2011 Ermal Luci
+ * All rights reserved.
+ *
+ * Adapted for FreeNAS by Volker Theile (votdev@gmx.de)
+ * Copyright (C) 2006-2009 Volker Theile
+ *
+ * Adapted for Pfsense Snort package by Robert Zelaya
+ * Copyright (C) 2008-2009 Robert Zelaya
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+
+$contents = '';
+
+// Read the contents of the argument passed to us.
+// Is it a fully qualified path and file?
+if (file_exists($_GET['logfile']))
+	$contents = file_get_contents($_GET['logfile']);
+// It is not something we can display, so print an error.
+else
+	$contents = gettext("\n\nERROR -- File: {$_GET['logfile']} not found!");
+
+$pgtitle = array(gettext("Snort"), gettext("Log File Viewer"));
+?>
+
+<?php include("head.inc");?>
+
+<body link="#000000" vlink="#000000" alink="#000000">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php include("fbegin.inc");?>
+
+<form action="snort_log_view.php" method="post">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr>
+	<td class="tabcont">
+		<table width="100%" cellpadding="0" cellspacing="6" bgcolor="#eeeeee">
+		<tr>
+			<td align="left" width="20%">
+				<input type="button" class="formbtn" value="Return" onclick="window.close()">
+			</td>
+			<td align="right">
+				<b><?php echo gettext("Log File: ") . '</b>&nbsp;' . $_GET['logfile']; ?>&nbsp;&nbsp;&nbsp;&nbsp;
+			</td>
+		</tr>
+		<tr>
+			<td colspan="2" valign="top" class="label">
+			<div style="background: #eeeeee;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. -->
+			<textarea readonly wrap="off" rows="33" cols="90" name="code2"><?=$contents;?></textarea>
+			</div>
+			</td>
+		</tr>
+		</table>
+	</td>
+</tr>
+</table>
+</form>
+<?php include("fend.inc");?>
+</body>
+</html>
diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php
index 7d0348e9..5cd5a408 100755
--- a/config/snort/snort_preprocessors.php
+++ b/config/snort/snort_preprocessors.php
@@ -34,7 +34,12 @@
 require_once("guiconfig.inc");
 require_once("/usr/local/pkg/snort/snort.inc");
 
-global $g;
+global $g, $rebuild_rules;
+
+if (!is_array($config['installedpackages']['snortglobal'])) {
+	$config['installedpackages']['snortglobal'] = array();
+}
+$vrt_enabled = $config['installedpackages']['snortglobal']['snortdownload'];
 
 if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
 	$config['installedpackages']['snortglobal']['rule'] = array();
@@ -77,6 +82,13 @@ if (isset($id) && $a_nat[$id]) {
 	$pconfig['dnp3_preproc'] = $a_nat[$id]['dnp3_preproc'];
 	$pconfig['modbus_preproc'] = $a_nat[$id]['modbus_preproc'];
 	$pconfig['gtp_preproc'] = $a_nat[$id]['gtp_preproc'];
+	$pconfig['preproc_auto_rule_disable'] = $a_nat[$id]['preproc_auto_rule_disable'];
+	$pconfig['protect_preproc_rules'] = $a_nat[$id]['protect_preproc_rules'];
+
+	/* If not using the Snort VRT rules, then disable */
+	/* the Sensitive Data (sdf) preprocessor.         */
+	if ($vrt_enabled == "off")
+		$pconfig['sensitive_data'] = "off";
 }
 
 if ($_POST) {
@@ -120,6 +132,8 @@ if ($_POST) {
 		$natent['sip_preproc'] = $_POST['sip_preproc'] ? 'on' : 'off';
 		$natent['modbus_preproc'] = $_POST['modbus_preproc'] ? 'on' : 'off';
 		$natent['gtp_preproc'] = $_POST['gtp_preproc'] ? 'on' : 'off';
+		$natent['preproc_auto_rule_disable'] = $_POST['preproc_auto_rule_disable'] ? 'on' : 'off';
+		$natent['protect_preproc_rules'] = $_POST['protect_preproc_rules'] ? 'on' : 'off';
 
 		if (isset($id) && $a_nat[$id])
 			$a_nat[$id] = $natent;
@@ -132,8 +146,15 @@ if ($_POST) {
 
 		write_config();
 
-		$if_real = snort_get_real_interface($pconfig['interface']);
-		sync_snort_package_config();
+		/* Set flag to rebuild rules for this interface  */
+		$rebuild_rules = "on";
+
+		/*************************************************/
+		/* Update the snort conf file and rebuild the    */
+		/* rules for this interface.                     */
+		/*************************************************/
+		snort_generate_conf($natent);
+		$rebuild_rules = "off";
 
 		/* after click go to this page */
 		header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
@@ -191,22 +212,58 @@ include_once("head.inc");
 <tr><td class="tabcont">
 <table width="100%" border="0" cellpadding="6" cellspacing="0">
 	<tr>
-		<td colspan="2" align="center" valign="middle">
-		<span class="red"><strong><?php echo gettext("NOTE"); ?></strong></span><br>
+		<td colspan="2" align="left" valign="middle">
 		<?php echo gettext("Rules may be dependent on preprocessors!  Disabling preprocessors may result in "); ?>
-		<?php echo gettext("dependent rules being automatically disabled."); ?><br>
-		<?php echo gettext("Defaults will be used when there is no user input."); ?><br></td>
+		<?php echo gettext("Snort start failures unless dependent rules are also disabled."); ?>
+		<?php echo gettext("The Auto-Rule Disable feature can be used, but note the warning about compromising protection.  " . 
+		"Defaults will be used where no user input is provided."); ?></td>
 	</tr>
 	<tr>
-		<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Performance Statistics"); ?></td>
+
+		<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Preprocessors Configuration"); ?></td>
 	</tr>
 	<tr>
 		<td width="22%" valign="top" class="vncell"><?php echo gettext("Enable"); ?></td>
-		<td width="78%" class="vtable"><input name="perform_stat"
-			type="checkbox" value="on"
+		<td width="78%" class="vtable"><input name="perform_stat" type="checkbox" value="on" 
 			<?php if ($pconfig['perform_stat']=="on") echo "checked"; ?>
 			onClick="enable_change(false)"> <?php echo gettext("Collect Performance Statistics for this interface."); ?></td>
 	</tr>
+	<tr>
+		<td width="22%" valign="top" class="vncell"><?php echo gettext("Protect Customized Preprocessor Rules"); ?></td>
+		<td width="78%" class="vtable"><input name="protect_preproc_rules" type="checkbox" value="on" 
+			<?php if ($pconfig['protect_preproc_rules']=="on") echo "checked "; 
+			if ($vrt_enabled <> 'on') echo "disabled"; ?>
+			onClick="enable_change(false)"> <?php echo gettext("Check this box if you maintain customized preprocessor text rules files for this interface."); ?>
+			<table width="100%" border="0" cellpadding="2" cellpadding="2">
+				<tr>
+					<td width="3%">&nbsp;</td>
+					<td><?php echo gettext("Enable this only if you use customized preprocessor text rules files and " . 
+					"you do not want them overwritten by automatic Snort VRT rule updates.  " . 
+					"This option is disabled when Snort VRT rules download is not enabled on the Global Settings tab."); ?><br/><br/>
+					<?php printf(gettext("%sHint:%s  Most users should leave this unchecked."), '<span class="red"><strong>', '</strong></span>'); ?></span></td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+	<tr>
+		<td width="22%" valign="top" class="vncell"><?php echo gettext("Auto Rule Disable"); ?></td>
+		<td width="78%" class="vtable"><input name="preproc_auto_rule_disable" type="checkbox" value="on" 
+			<?php if ($pconfig['preproc_auto_rule_disable']=="on") echo "checked"; ?>
+			onClick="enable_change(false)"> <?php echo gettext("Auto-disable text rules dependent on disabled preprocessors for this interface.  "); 
+			echo gettext("Default is ") . '<strong>' . gettext("Not Checked."); ?></strong><br/>
+			<table width="100%" border="0" cellpadding="2" cellpadding="2">
+				<tr>
+					<td width="3%">&nbsp;</td>
+					<td><span class="red"><strong><?php echo gettext("Warning:  "); ?></strong></span>
+					<?php echo gettext("Enabling this option allows Snort to automatically disable any text rules " . 
+					"containing rule options or content modifiers that are dependent upon the preprocessors " . 
+					"you have not enabled.  This may facilitate starting Snort without errors related to " . 
+					"disabled preprocessors, but can substantially compromise the level of protection by " .
+					"automatically disabling detection rules."); ?></td>
+				</tr>
+			</table>
+		</td>
+	</tr>
 	<tr>
 		<td colspan="2" valign="top" class="listtopic"><?php echo gettext("HTTP Inspect Settings"); ?></td>
 	</tr>
@@ -214,9 +271,10 @@ include_once("head.inc");
 		<td width="22%" valign="top" class="vncell"><?php echo gettext("Enable"); ?></td>
 		<td width="78%" class="vtable"><input name="http_inspect"
 			type="checkbox" value="on"
-			<?php if ($pconfig['http_inspect']=="on") echo "checked"; ?>
+			<?php if ($pconfig['http_inspect']=="on" || empty($pconfig['http_inspect'])) echo "checked"; ?>
 			onClick="enable_change(false)"> <?php echo gettext("Use HTTP Inspect to " .
-				"Normalize/Decode and detect HTTP traffic and protocol anomalies."); ?></td>
+				"Normalize/Decode and detect HTTP traffic and protocol anomalies.  Default is "); ?>
+			<strong><?php echo gettext("Checked."); ?></strong></td>
 	</tr>
 	<tr>
 		<td valign="top" class="vncell"><?php echo gettext("HTTP server flow depth"); ?></td>
@@ -241,7 +299,7 @@ include_once("head.inc");
 		<td width="78%" class="vtable">
 			<select name="http_server_profile" class="formselect" id="http_server_profile">
 			<?php
-			$profile = array('All', 'Apache', 'IIS', 'IIS_4.0', 'IIS_5.0');
+			$profile = array('All', 'Apache', 'IIS', 'IIS4_0', 'IIS5_0');
 			foreach ($profile as $val): ?>
 			<option value="<?=strtolower($val);?>"
 			<?php if (strtolower($val) == $pconfig['http_server_profile']) echo "selected"; ?>>
@@ -275,9 +333,10 @@ include_once("head.inc");
 		<td width="22%" valign="top" class="vncell"><?php echo gettext("Disable HTTP Alerts"); ?></td>
 		<td width="78%" class="vtable"><input name="noalert_http_inspect"
 			type="checkbox" value="on"
-			<?php if ($pconfig['noalert_http_inspect']=="on") echo "checked"; ?>
-			onClick="enable_change(false)"> <?php echo gettext("Tick to turn off alerts from the HTTP Inspect " .
-				"preprocessor.  This has no effect on HTTP rules in the rule set."); ?></td>
+			<?php if ($pconfig['noalert_http_inspect']=="on" || empty($pconfig['noalert_http_inspect'])) echo "checked"; ?>
+			onClick="enable_change(false)"> <?php echo gettext("Turn off alerts from HTTP Inspect " .
+				"preprocessor.  This has no effect on HTTP rules.  Default is "); ?>
+			<strong><?php echo gettext("Checked."); ?></strong></td>
 	</tr>
 	<tr>
 		<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Stream5 Settings"); ?></td>
@@ -469,9 +528,14 @@ include_once("head.inc");
 		<td width="22%" valign="top" class="vncell"><?php echo gettext("Enable"); ?> <br> <?php echo gettext("Sensitive Data"); ?></td>
 		<td width="78%" class="vtable">
 			<input name="sensitive_data" type="checkbox" value="on"
-			<?php if ($pconfig['sensitive_data']=="on") echo "checked"; ?>
+			<?php if ($pconfig['sensitive_data'] == "on")
+				 echo "checked";
+			      elseif ($vrt_enabled == "off")
+				 echo "disabled";
+			?>
 			onClick="enable_change(false)"><br>
-		<?php echo gettext("Sensitive data searches for credit card or Social Security numbers in data"); ?>	
+		<?php echo gettext("Sensitive data searches for credit card or Social Security numbers and e-mail addresses in data."); ?><br/>
+		<span class="red"><strong><?php echo gettext("Note: "); ?></strong></span><?php echo gettext("To enable this preprocessor, you must select the Snort VRT rules on the Global Settings tab."); ?>	
 		</td>
 	</tr>
 	<tr>
@@ -507,7 +571,8 @@ include_once("head.inc");
 				<td width="22%" valign="top">&nbsp;</td>
 				<td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span>
 				<br>
-				<?php echo gettext("Please save your settings before you click Start."); ?> </td>
+				<?php echo gettext("Please save your settings before you click Start.  Preprocessor changes will rebuild the rules file.  "); ?>
+				</br><?php echo gettext("This may take several seconds.  Snort must also be restarted to activate any changes made on this screen."); ?></td>
 			</tr>
 </table>
 </td></tr></table>
diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php
index 7457632d..5e8e145d 100755
--- a/config/snort/snort_rules.php
+++ b/config/snort/snort_rules.php
@@ -33,7 +33,7 @@
 require_once("guiconfig.inc");
 require_once("/usr/local/pkg/snort/snort.inc");
 
-global $g, $flowbit_rules_file;
+global $g, $flowbit_rules_file, $rebuild_rules;
 
 $snortdir = SNORTDIR;
 $rules_map = array();
@@ -92,6 +92,11 @@ if (empty($categories[0]) && ($currentruleset != "custom.rules")) {
 		$currentruleset = "custom.rules";
 }
 
+/* One last sanity check -- if the rules directory is empty, default to loading custom rules */
+$tmp = glob("{$snortdir}/rules/*.rules");
+if (empty($tmp))
+	$currentruleset = "custom.rules";
+
 $ruledir = "{$snortdir}/rules";
 $rulefile = "{$ruledir}/{$currentruleset}";
 if ($currentruleset != 'custom.rules') {
@@ -100,7 +105,7 @@ if ($currentruleset != 'custom.rules') {
 	if (substr($currentruleset, 0, 10) == "IPS Policy")
 		$rules_map = snort_load_vrt_policy($a_rule[$id]['ips_policy']);
 	elseif (!file_exists($rulefile))
-		$input_errors[] = "{$currentruleset} seems to be missing!!! Please go to the Category tab and save the rule set again to regenerate it.";
+		$input_errors[] = gettext("{$currentruleset} seems to be missing!!! Please verify rules files have been downloaded, then go to the Categories tab and save the rule set again.");
 	else
 		$rules_map = snort_load_rules_map($rulefile);
 }
@@ -221,11 +226,31 @@ if ($_POST['customrules']) {
 		for($i = $start; $i > $end; $i--)
 			$error .= $output[$i];
 		$input_errors[] = "Custom rules have errors:\n {$error}";
-	} else {
+	}
+	else {
 		header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
 		exit;
 	}
-} else if ($_POST) {
+}
+
+else if ($_POST['apply']) {
+
+	/* Save new configuration */
+	write_config();
+
+	/*************************************************/
+	/* Update the snort conf file and rebuild the    */
+	/* rules for this interface.                     */
+	/*************************************************/
+	$rebuild_rules = "on";
+	snort_generate_conf($a_rule[$id]);
+	$rebuild_rules = "off";
+
+	/* Return to this same page */
+	header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
+	exit;
+}
+else if($_POST) {
 	unset($a_rule[$id]['customrules']);
 	write_config();
 	header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
@@ -361,7 +386,9 @@ function popup(url)
 <?php else: ?>
 	<tr>
 		<td width="3%" class="list">&nbsp;</td>
-		<td colspan="7" class="listhdr" >&nbsp;</td>
+		<td colspan="7" class="listhdr" ><input type="submit" name="apply" id="apply" value="Apply Changes" class="formbtn">
+			&nbsp;&nbsp;&nbsp;<?php echo gettext("Click to rebuild the rules with your changes.  Snort must be restarted to use the new rules."); ?>
+			<input type='hidden' name='id' value='<?=$id;?>'></td>
 		<td width="3%" align="center" valign="middle" class="listt"><a href="javascript: void(0)"
 				onclick="popup('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>')">
 				<img src="../themes/<?= $g['theme']; ?>/images/icons/icon_service_restart.gif" <?php
@@ -449,7 +476,7 @@ function popup(url)
 			<td width="3%" align="center" valign="middle" nowrap class="listt">
 				<a href="javascript: void(0)"
 				onclick="popup('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>&ids=<?=$sid;?>&gid=<?=$gid;?>')"><img
-				src="../themes/<?= $g['theme']; ?>/images/icons/icon_right.gif"
+				src="../themes/<?= $g['theme']; ?>/images/icons/icon_right.gif" 
 				title="<?php echo gettext("Click to view rule"); ?>" width="17" height="17" border="0"></a>
 				<!-- Codes by Quackit.com -->
 			</td>
diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php
index ab1a24b2..8ee6a645 100755
--- a/config/snort/snort_rules_edit.php
+++ b/config/snort/snort_rules_edit.php
@@ -62,6 +62,7 @@ $if_real = snort_get_real_interface($pconfig['interface']);
 $snort_uuid = $a_rule[$id]['uuid'];
 $file = $_GET['openruleset'];
 $contents = '';
+$wrap_flag = "off";
 
 // Read the contents of the argument passed to us.
 // It may be an IPS policy string, an individual SID,
@@ -69,8 +70,10 @@ $contents = '';
 // Test for the special case of an IPS Policy file.
 if (substr($file, 0, 10) == "IPS Policy") {
 	$rules_map = snort_load_vrt_policy($a_rule[$id]['ips_policy']);
-	if (isset($_GET['ids']))
+	if (isset($_GET['ids'])) {
 		$contents = $rules_map[$_GET['gid']][trim($_GET['ids'])]['rule'];
+		$wrap_flag = "on";
+	}
 	else {
 		$contents = "# Snort IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']) . "\n\n";
 		foreach (array_keys($rules_map) as $k1) {
@@ -86,6 +89,7 @@ if (substr($file, 0, 10) == "IPS Policy") {
 elseif (isset($_GET['ids'])) {
 	$rules_map = snort_load_rules_map("{$snortdir}/rules/{$file}");
 	$contents = $rules_map[$_GET['gid']][trim($_GET['ids'])]['rule'];
+	$wrap_flag = "on";
 }
 // Is it our special flowbit rules file?
 elseif ($file == $flowbit_rules_file)
@@ -102,7 +106,7 @@ else {
 	exit;
 }
 
-$pgtitle = array(gettext("Advanced"), gettext("File Viewer"));
+$pgtitle = array(gettext("Snort"), gettext("File Viewer"));
 ?>
 
 <?php include("head.inc");?>
@@ -124,7 +128,7 @@ $pgtitle = array(gettext("Advanced"), gettext("File Viewer"));
 		<tr>
 			<td valign="top" class="label">
 			<div style="background: #eeeeee;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. -->
-			<textarea wrap="off" rows="33" cols="90" name="code2"><?=$contents;?></textarea>
+			<textarea wrap="<?=$wrap_flag?>" rows="33" cols="90" name="code2"><?=$contents;?></textarea>
 			</div>
 			</td>
 		</tr>
diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php
index 23a24bea..1bf815fb 100755
--- a/config/snort/snort_rulesets.php
+++ b/config/snort/snort_rulesets.php
@@ -32,7 +32,7 @@
 require_once("guiconfig.inc");
 require_once("/usr/local/pkg/snort/snort.inc");
 
-global $g, $flowbit_rules_file;
+global $g, $flowbit_rules_file, $rebuild_rules;
 
 $snortdir = SNORTDIR;
 
@@ -62,6 +62,21 @@ $if_real = snort_get_real_interface($pconfig['interface']);
 $snort_uuid = $a_nat[$id]['uuid'];
 $snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
 $emergingdownload = $config['installedpackages']['snortglobal']['emergingthreats'];
+$snortcommunitydownload = $config['installedpackages']['snortglobal']['snortcommunityrules'];
+
+$no_emerging_files = false;
+$no_snort_files = false;
+$no_community_files = false;
+
+/* Test rule categories currently downloaded to $SNORTDIR/rules and set appropriate flags */
+$test = glob("{$snortdir}/rules/emerging-*.rules");
+if (empty($test))
+	$no_emerging_files = true;
+$test = glob("{$snortdir}/rules/snort_*.rules");
+if (empty($test))
+	$no_snort_files = true;
+if (!file_exists("{$snortdir}/rules/GPLv2_community.rules"))
+	$no_community_files = true;
 
 if (($snortdownload == 'off') || ($a_nat[$id]['ips_policy_enable'] != 'on'))
 	$policy_select_disable = "disabled";
@@ -119,7 +134,14 @@ if ($_POST["Submit"]) {
 	}
 
 	write_config();
-	sync_snort_package_config();
+
+	/*************************************************/
+	/* Update the snort conf file and rebuild the    */
+	/* rules for this interface.                     */
+	/*************************************************/
+	$rebuild_rules = "on";
+	snort_generate_conf($a_nat[$id]);
+	$rebuild_rules = "off";
 
 	header("Location: /snort/snort_rulesets.php?id=$id");
 	exit;
@@ -142,6 +164,11 @@ if ($_POST['selectall']) {
 		foreach ($files as $file)
 			$rulesets[] = basename($file);
 	}
+	if ($snortcommunitydownload == 'on') {
+		$files = glob("{$snortdir}/rules/sc_*.rules");
+		foreach ($files as $file)
+			$rulesets[] = basename($file);
+	}
 	if ($snortdownload == 'on') {
 		$files = glob("{$snortdir}/rules/snort*.rules");
 		foreach ($files as $file)
@@ -233,12 +260,12 @@ function enable_change()
 	$iscfgdirempty = array();
 	if (file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/custom.rules"))
 		$iscfgdirempty = (array)("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/custom.rules");
-	if (empty($isrulesfolderempty) && empty($iscfgdirempty)):
+	if (empty($isrulesfolderempty)):
 ?>
 		<tr>
-			<td>
-		<?php printf(gettext("# The rules directory is empty. %s/rules"), $snortdir); ?> <br/>
-		<?php echo gettext("Please go to the Updates tab to download/fetch the rules configured."); ?>	
+			<td class="vexpl"><br/>
+		<?php printf(gettext("# The rules directory is empty:  %s%s/rules%s"), '<strong>',$snortdir,'</strong>'); ?> <br/><br/>
+		<?php printf(gettext("Please go to the %sUpdates%s tab to download the rules configured on the %sGlobal%s tab."),'<strong>' ,'</strong>', '<strong>' ,'</strong>'); ?>
 			</td>
 		</tr>
 <?php else: 
@@ -258,28 +285,31 @@ function enable_change()
 			</tr>
 			<tr>
 				<td colspan="6" valign="center" class="listn">
-					<table width="100%" border="0" cellpadding="0" cellspacing="0">
+					<table width="100%" border="0" cellpadding="2" cellspacing="2">
 					   <tr>
 						<td width="15%" class="listn"><?php echo gettext("Resolve Flowbits"); ?></td>
-						<td width="85%"><input name="autoflowbits" id="autoflowbitrules" type="checkbox" value="on" <?php if ($a_nat[$id]['autoflowbitrules'] == "on") echo "checked"; ?>/></td>
+						<td width="85%"><input name="autoflowbits" id="autoflowbitrules" type="checkbox" value="on" 
+						<?php if ($a_nat[$id]['autoflowbitrules'] == "on" || empty($a_nat[$id]['autoflowbitrules'])) echo "checked"; ?>/>
+						&nbsp;&nbsp;<span class="vexpl"><?php echo gettext("If checked, Snort will auto-enable rules required for checked flowbits.  ");
+						echo gettext("The Default is "); ?><strong><?php echo gettext("Checked."); ?></strong></span></td>
 					   </tr>
 					   <tr>
 						<td width="15%" class="vncell">&nbsp;</td>
 						<td width="85%" class="vtable">
-						<?php echo gettext("If ticked, Snort will examine the enabled rules in your chosen " .
+						<?php echo gettext("Snort will examine the enabled rules in your chosen " .
 						"rule categories for checked flowbits.  Any rules that set these dependent flowbits will " .
-						"be automatically enabled and added to the list of files in the interface rules directory."); ?><br/><br/></td>
+						"be automatically enabled and added to the list of files in the interface rules directory."); ?><br/></td>
 					   </tr>
 					   <tr>
 						<td width="15%" class="listn"><?php echo gettext("Auto Flowbit Rules"); ?></td>
-						<td width="85%"><input type="button" class="formbtn" value="View" onclick="popup('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$flowbit_rules_file;?>')" <?php echo $btn_view_flowb_rules; ?>/></td>
+						<td width="85%"><input type="button" class="formbtn" value="View" onclick="popup('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$flowbit_rules_file;?>')" <?php echo $btn_view_flowb_rules; ?>/>
+						&nbsp;&nbsp;<span class="vexpl"><?php echo gettext("Click to view auto-enabled rules required to satisfy flowbit dependencies"); ?></span></td>
 					   </tr>
 					   <tr>
 						<td width="15%">&nbsp;</td>
 						<td width="85%">
-						<?php echo gettext("Click to view auto-enabled rules required to satisfy flowbit " .
-						"dependencies from the selected rule categories below.  Auto-enabled rules generating unwanted alerts " .
-						"should have their GID:SID added to the Suppression List for the interface."); ?><br/><br/></td>
+						<?php printf(gettext("%sNote:  %sAuto-enabled rules generating unwanted alerts should have their GID:SID added to the Suppression List for the interface."), '<span class="red"><strong>', '</strong></span>'); ?>
+						<br/></td>
 					   </tr>
 					</table>
 				</td>
@@ -289,20 +319,20 @@ function enable_change()
 			</tr>
 			<tr>
 				<td colspan="6" valign="center" class="listn">
-					<table width="100%" border="0" cellpadding="0" cellspacing="0">
+					<table width="100%" border="0" cellpadding="2" cellspacing="2">
 					   <tr>
 						<td width="15%" class="listn"><?php echo gettext("Use IPS Policy"); ?></td>
 						<td width="85%"><input name="ips_policy_enable" id="ips_policy_enable" type="checkbox" value="on" <?php if ($a_nat[$id]['ips_policy_enable'] == "on") echo "checked"; ?>
-						<?php if ($snortdownload == "off") echo "disabled" ?> onClick="enable_change()"/></td>
+						<?php if ($snortdownload == "off") echo "disabled" ?> onClick="enable_change()"/>&nbsp;&nbsp;<span class="vexpl">
+						<?php echo gettext("If checked, Snort will use rules from the pre-defined IPS policy selected below."); ?></span></td>
 					   </tr>
 					   <tr>
 						<td width="15%" class="vncell">&nbsp;</td>
 						<td width="85%" class="vtable">
-						<?php echo gettext("If ticked, Snort will use rules from the pre-defined IPS policy " .
-						"selected below.  You must be using the Snort VRT rules to use this option."); ?><br/>
+  						<?php printf(gettext("%sNote:%s  You must be using the Snort VRT rules to use this option."),'<span class="red"><strong>','</strong></span>'); ?>
 						<?php echo gettext("Selecting this option disables manual selection of Snort VRT categories in the list below, " .
 						"although Emerging Threats categories may still be selected if enabled on the Global Settings tab.  " .
-						"These will be added to the pre-defined Snort IPS policy rules from the Snort VRT."); ?><br><br/></td>
+						"These will be added to the pre-defined Snort IPS policy rules from the Snort VRT."); ?><br/></td>
 					   </tr>
 					   <tr>
 						<td width="15%" class="listn"><?php echo gettext("IPS Policy"); ?></td>
@@ -311,15 +341,16 @@ function enable_change()
 									<option value="balanced" <?php if ($pconfig['ips_policy'] == "balanced") echo "selected"; ?>><?php echo gettext("Balanced"); ?></option>
 									<option value="security" <?php if ($pconfig['ips_policy'] == "security") echo "selected"; ?>><?php echo gettext("Security"); ?></option>
 								</select>
-						</td>
+						&nbsp;&nbsp;<span class="vexpl"><?php echo gettext("Snort IPS policies are:  Connectivity, Balanced or Security."); ?></span></td>
 					   </tr>
 					   <tr>
 						<td width="15%">&nbsp;</td>
 						<td width="85%">
-						<?php echo gettext("Snort IPS policies are:  Connectivity, Balanced or Security.  " .
-						"Connectivity blocks most major threats with few or no false positives.  Balanced is a good starter policy.  It " .
-						"is speedy, has good base coverage level, and covers most threats of the day.  It includes all rules in Connectivity.  " .
-						"Security is a stringent policy.  It contains everything in the first two plus policy-type rules such as Flash in an Excel file."); ?><br/><br/></td>
+						<?php echo gettext("Connectivity blocks most major threats with few or no false positives.  " . 
+						"Balanced is a good starter policy.  It is speedy, has good base coverage level, and covers " . 
+						"most threats of the day.  It includes all rules in Connectivity." . 
+						"Security is a stringent policy.  It contains everything in the first two " .
+						"plus policy-type rules such as Flash in an Excel file."); ?><br/></td>
 					   </tr>
 					</table>
 				</td>
@@ -327,27 +358,75 @@ function enable_change()
 			<tr>
 				<td colspan="6" class="listtopic"><?php echo gettext("Check the rulesets that you would like Snort to load at startup."); ?><br/></td>
 			</tr>
+			<tr>    <td colspan="6">&nbsp;</td> </tr>
 			<tr>
-				<td colspan="1" align="middle" valign="center"><br/><input value="Select All" type="submit" name="selectall" id="selectall" /><br/></td>
-				<td colspan="1" align="middle" valign="center"><br/><input value="Unselect All" type="submit" name="unselectall" id="selectall" /><br/></td>
-				<td colspan="1" align="middle" valign="center"><br/><input value="Save" class="formbtn" type="submit" name="Submit" id="Submit" /></td>
-				<td colspan="3" valign="center"><?php echo gettext("Click to save changes and auto-resolve flowbit rules (if option is selected above)"); ?><br/></td>
+				<td colspan="6">
+					<table width=100% border="0" cellpadding="2" cellspacing="2">
+						<tr>
+							<td valign="middle"><input value="Select All" type="submit" name="selectall" id="selectall" /></td>
+							<td valign="middle"><input value="Unselect All" type="submit" name="unselectall" id="selectall" /></td>
+							<td valign="middle"><input value="Save" class="formbtn" type="submit" name="Submit" id="Submit" /></td>
+							<td valign="middle"><span class="vexpl"><?php echo gettext("Click to save changes and auto-resolve flowbit rules (if option is selected above)"); ?></span></td>
+						</tr>
+					</table>
 			</tr>
-			<tr>    <td colspan="6">&nbsp;</td> </tr>
+			<tr>
+			    <td colspan="6">&nbsp;</td>
+			</tr>
+
+			<?php if ($no_community_files)
+				$msg_community = "NOTE: Snort Community Rules have not been downloaded.  Perform a Rules Update to enable them.";
+			      else
+				$msg_community = "Snort GPLv2 Community Rules (VRT certified)";
+			?>
+			<?php if ($snortcommunitydownload == 'on'): ?>
+			<tr id="frheader">
+				<td width="5%" class="listhdrr"><?php echo gettext("Enabled"); ?></td>
+				<td colspan="5" class="listhdrr"><?php echo gettext('Ruleset: Snort GPLv2 Community Rules');?></td>
+			</tr>
+			<?php if (in_array("GPLv2_community.rules", $enabled_rulesets_array)): ?>
+			<tr>
+				<td width="5" class="listr" align="center" valign="top">
+				<input type="checkbox" name="toenable[]" value="GPLv2_community.rules" checked="checked"/></td>
+				<td colspan="5" class="listr"><a href='snort_rules.php?id=<?=$id;?>&openruleset=GPLv2_community.rules'><?php echo gettext("{$msg_community}"); ?></a></td>
+			</tr>
+			<?php else: ?>
+			<tr>
+				<td width="5" class="listr" align="center" valign="top">
+				<input type="checkbox" name="toenable[]" value="GPLv2_community.rules" <?php if ($snortcommunitydownload == 'off') echo "disabled"; ?>/></td>
+				<td colspan="5" class="listr"><?php echo gettext("{$msg_community}"); ?></td>
+			</tr>
+
+			<?php endif; ?>
+			<?php else: ?>
+			<tr>
+			    <td colspan="6">&nbsp;</td>
+			</tr>
+			<?php endif; ?>
+
+			<?php if ($no_emerging_files)
+				  $msg_emerging = "downloaded.";
+			      else
+				  $msg_emerging = "enabled.";
+			      if ($no_snort_files)
+				  $msg_snort = "downloaded.";
+			      else
+				  $msg_snort = "enabled.";
+			?>
 			<tr id="frheader">
-				<?php if ($emergingdownload == 'on'): ?>
-					<td width="5%" class="listhdrr"><?php echo gettext("Enabled"); ?></td>
+				<?php if ($emergingdownload == 'on' && !$no_emerging_files): ?>
+					<td width="5%" class="listhdrr" align="center"><?php echo gettext("Enabled"); ?></td>
 					<td width="25%" class="listhdrr"><?php echo gettext('Ruleset: Emerging Threats');?></td>
 				<?php else: ?>
-					<td colspan="2" width="30%" class="listhdrr"><?php echo gettext("Emerging rules have not been enabled"); ?></td>
+					<td colspan="2" align="center" width="30%" class="listhdrr"><?php echo gettext("Emerging Threats rules not {$msg_emerging}"); ?></td>
 				<?php endif; ?>
-				<?php if ($snortdownload == 'on'): ?>
-					<td width="5%" class="listhdrr"><?php echo gettext("Enabled"); ?></td>
-					<td width="25%" class="listhdrr"><?php echo gettext('Ruleset: Snort');?></td>
-					<td width="5%" class="listhdrr"><?php echo gettext("Enabled"); ?></td>
-					<td width="25%" class="listhdrr"><?php echo gettext('Ruleset: Snort SO');?></td>
+				<?php if ($snortdownload == 'on' && !$no_snort_files): ?>
+					<td width="5%" class="listhdrr" align="center"><?php echo gettext("Enabled"); ?></td>
+					<td width="25%" class="listhdrr"><?php echo gettext('Ruleset: Snort Text Rules');?></td>
+					<td width="5%" class="listhdrr" align="center"><?php echo gettext("Enabled"); ?></td>
+					<td width="25%" class="listhdrr"><?php echo gettext('Ruleset: Snort SO Rules');?></td>
 				<?php else: ?>
-					<td colspan="2" width="60%" class="listhdrr"><?php echo gettext("Snort rules have not been enabled"); ?></td>
+					<td colspan="4" align="center" width="60%" class="listhdrr"><?php echo gettext("Snort VRT rules have not been {$msg_snort}"); ?></td>
 				<?php endif; ?>
 				</tr>
 			<?php
-- 
cgit v1.2.3