From 7234111aaac38d620a4e5356d212fa51e2591d8b Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Tue, 7 Jan 2014 20:19:58 -0500
Subject: Fix typo in get_interface_gateway_v6() function name
---
 config/snort/snort.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'config/snort/snort.inc')
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 79fef4fa..eda009d3 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -440,8 +440,8 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false) {
 $gw = get_interface_gateway($snortcfg['interface']);
 if (is_ipaddr($gw) && !in_array($gw, $home_net))
 $home_net[] = $gw;
- if (function_exists("get_interface_gatewayv6")) {
- $gw = get_interface_gatewayv6($snortcfg['interface']);
+ if (function_exists("get_interface_gateway_v6")) {
+ $gw = get_interface_gateway_v6($snortcfg['interface']);
 if (is_ipaddrv6($gw) && !in_array($gw, $home_net))
 $home_net[] = $gw;
 }
-- cgit v1.2.3
From 51e70ca039db270bfb2678034fc0d8789715b690 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Fri, 10 Jan 2014 23:49:43 -0500
Subject: Fix auto log limit cleanup so it actually works.
---
 config/snort/snort.inc | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
(limited to 'config/snort/snort.inc')
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index eda009d3..7a151f7a 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -636,14 +636,14 @@ function snort_get_real_interface($interface) { } /* - this code block is for deleteing logs while keeping the newest file, + this code block is for deleting logs while keeping the newest file, snort is linked to these files while running, do not take the easy way out by touch and rm, snort will lose sync and not log. */ function snort_post_delete_logs($snort_uuid = 0) { global $config, $g; - /* do not start config build if rules is empty */ + /* do nothing if no Snort interfaces active */ if (!is_array($config['installedpackages']['snortglobal']['rule'])) return; @@ -651,14 +651,22 @@ function snort_post_delete_logs($snort_uuid = 0) { if ($value['uuid'] != $snort_uuid) continue; $if_real = snort_get_real_interface($value['interface']); - $snort_log_dir = "/var/log/snort/snort_{$if_real}{$snort_uuid}"; + $snort_log_dir = SNORTLOGDIR . "/snort_{$if_real}{$snort_uuid}"; if ($if_real != '') { + /* Clean-up Barnyard2 files if any exist */ $filelist = glob("{$snort_log_dir}/*{$snort_uuid}_{$if_real}.u2.*"); unset($filelist[count($filelist) - 1]); foreach ($filelist as $file) @unlink($file); + /* Clean-up packet capture files if any exist */ + $filelist = glob("{$snort_log_dir}/snort.log.*"); + unset($filelist[count($filelist) - 1]); + foreach ($filelist as $file) + @unlink($file); + + /* Clean-up stats files if they are enabled */ if ($value['perform_stat'] == 'on') { $fd = fopen("{$snort_log_dir}/{$if_real}.stats", "w"); if ($fd) { @@ -674,7 +682,7 @@ function snort_Getdirsize($node) { if(!is_readable($node)) return false; - $blah = exec( "/usr/bin/du -kd $node" ); + $blah = exec( "/usr/bin/du -kdc $node" ); return substr( $blah, 0, strpos($blah, 9) ); } -- cgit v1.2.3 From ba3edc934faf8887fd5ea9e785392d84f2cd288c Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Sat, 11 Jan 2014 11:49:44 -0500 Subject: More fixes for auto log cleanup cron job. --- config/snort/snort.inc | 1 + 1 file changed, 1 insertion(+) (limited to 'config/snort/snort.inc') 
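Review bot: The new `snort.log.*` cleanup in the `-651` hunk of snort_post_delete_logs() keeps whatever `glob()` lists last, which is the newest file only if glob() returned an array and its alphabetical order matches file age. glob() can return `false` on error, leaving `count()` and the `foreach` to run on a non-array, so I would write `$filelist = glob("{$snort_log_dir}/snort.log.*") ?: array();` followed by `array_pop($filelist);`; the pre-existing `.u2.*` loop above it has the same shape. The kept entry matters because, per the comment above the function, Snort holds the newest file open; the later `-662` hunk on this page removes that `unset()` for `snort.log.*`, so the live capture file would be unlinked too, which deserves an explicit justification. `@unlink()` also hides failures, so a cleanup that silently stops working lets the sensor's log directory fill unnoticed; logging a failed unlink would make that visible. The function body starts and ends outside the hunk.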
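Review bot: `$node` is interpolated unquoted into the shell command on the changed `exec()` line of snort_Getdirsize() (the `-674` hunk), so a path containing spaces or shell metacharacters changes what gets executed; quote it with `$blah = exec("/usr/bin/du -kdc " . escapeshellarg($node));`. Whether `$node` can ever carry externally influenced text depends on callers outside this hunk, but the quoting is cheap and removes the question. Separately, `-d` normally takes a depth argument in du, so in the cluster `-kdc` the `c` is probably consumed as that depth rather than enabling a grand total; writing the depth explicitly would remove the ambiguity. The function's signature line is outside the hunk.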
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 7a151f7a..4351a9b0 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -678,6 +678,7 @@ function snort_post_delete_logs($snort_uuid = 0) { } } +/* This returns size of passed directory or file in 1024-byte blocks */ function snort_Getdirsize($node) { if(!is_readable($node)) return false; -- cgit v1.2.3 From 8e3a6c43552fa36df9dd19a0dd0db312add43d11 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Sun, 12 Jan 2014 00:28:21 -0500 Subject: Bump Snort pkg version to 3.0.2 -- bug fixes. --- config/snort/snort.inc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'config/snort/snort.inc') diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 4351a9b0..91298838 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -54,7 +54,7 @@ if (empty($snort_version)) $snort_version = "2.9.5.5"; /* package version */ -$pfSense_snort_version = "3.0.1"; +$pfSense_snort_version = "3.0.2"; $snort_package_version = "Snort {$snort_version} pkg v{$pfSense_snort_version}"; // Define SNORTDIR and SNORTLIBDIR constants according to pfSense version @@ -662,7 +662,6 @@ function snort_post_delete_logs($snort_uuid = 0) { /* Clean-up packet capture files if any exist */ $filelist = glob("{$snort_log_dir}/snort.log.*"); - unset($filelist[count($filelist) - 1]); foreach ($filelist as $file) @unlink($file); -- cgit v1.2.3