From 74f53520ad340806fcc6081a4a983797c9fab2fa Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Sat, 14 Jul 2012 16:12:52 +0000
Subject: Fixup some parts of update sid

---
 config/snort/snort_check_for_rule_updates.php | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

(limited to 'config/snort/snort_check_for_rule_updates.php')

diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index e1da6bf3..f1152c10 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -281,7 +281,8 @@ function snort_apply_customizations($snortcfg, $if_real) {
 
 		@copy("{$snortdir}/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config");
 		@copy("{$snortdir}/gen-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/gen-msg.map");
-		exec("/bin/cp -r {$snortdir}/generators {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
+		if (is_dir("{$snortdir}/generators"))
+			exec("/bin/cp -r {$snortdir}/generators {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
 		@copy("{$snortdir}/reference.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/reference.config");
 		@copy("{$snortdir}/sid", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/sid");
 		@copy("{$snortdir}/sid-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/sid-msg.map");
@@ -299,18 +300,15 @@ function snort_apply_customizations($snortcfg, $if_real) {
 			$disabled_sids = array_flip($enabled_sid_off_array);
 		}
 
-		$files = glob("{$snortdir}/snort_{$snortcfg}_{$if_real}/rules");
+		$files = glob("{$snortdir}/snort_{$snortcfg}_{$if_real}/rules/*");
 		foreach ($files as $file) {
 			$splitcontents = file($file);
 			$changed = false;
 			foreach ( $splitcontents as $counter => $value ) {
-				$disabled = "False";
-				$findme = "# alert"; //find string for disabled alerts
-				$counter2 = 1;
 				$sid = snort_get_rule_part($value, 'sid:', ';', 0);
 				if (!is_numeric($sid))
 					continue;
-				if (isset($enabled_sids[$sid])) {
+				if (isset($enabled_sids["enablesid {$sid}"])) {
 					if (substr($value, 0, 5) == "alert")
 						/* Rule is already enabled */
 						continue;
@@ -326,7 +324,7 @@ function snort_apply_customizations($snortcfg, $if_real) {
 						$splitcontents[$counter - 1] = substr($value, 2);
 						$changed = true;
 					}
-				} else if (isset($disabled_sids[$sid])) {
+				} else if (isset($disabled_sids["disablesid {$sid}"])) {
 					if (substr($value, 0, 7) == "# alert")
 						/* Rule is already disabled */
 						continue;
@@ -344,9 +342,9 @@ function snort_apply_customizations($snortcfg, $if_real) {
 					}
 
 				}
-				if ($changed == true)
-					@file_put_contents($file, implode("\n", $splitcontents));
 			}
+			if ($changed == true)
+				@file_put_contents($file, implode("\n", $splitcontents));
 		}
 	}
 }
-- 
cgit v1.2.3