From db7a6af3701beca6e4e23c7679e293f80e0441db Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Wed, 27 Nov 2013 20:17:04 -0500 Subject: Add logic to prevent writing conf settings with no interfaces defined. --- config/snort/snort_interfaces_global.php | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) (limited to 'config/snort/snort_interfaces_global.php') diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 77cb0e7c..b22a6934 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -98,19 +98,21 @@ if (!$input_errors) { // Now walk all the configured interface rulesets and remove // any matching the disabled ruleset prefixes. - foreach ($config['installedpackages']['snortglobal']['rule'] as &$iface) { - // Disable Snort IPS policy if VRT rules are disabled - if ($disable_ips_policy) { - $iface['ips_policy_enable'] = 'off'; - unset($iface['ips_policy']); + if (is_array($config['installedpackages']['snortglobal']['rule'])) { + foreach ($config['installedpackages']['snortglobal']['rule'] as &$iface) { + // Disable Snort IPS policy if VRT rules are disabled + if ($disable_ips_policy) { + $iface['ips_policy_enable'] = 'off'; + unset($iface['ips_policy']); + } + $enabled_rules = explode("||", $iface['rulesets']); + foreach ($enabled_rules as $k => $v) { + foreach ($disabled_rules as $d) + if (strpos(trim($v), $d) !== false) + unset($enabled_rules[$k]); + } + $iface['rulesets'] = implode("||", $enabled_rules); } - $enabled_rules = explode("||", $iface['rulesets']); - foreach ($enabled_rules as $k => $v) { - foreach ($disabled_rules as $d) - if (strpos(trim($v), $d) !== false) - unset($enabled_rules[$k]); - } - $iface['rulesets'] = implode("||", $enabled_rules); } $config['installedpackages']['snortglobal']['oinkmastercode'] = $_POST['oinkmastercode']; -- cgit v1.2.3