From c3b3ace436cfc9f0cc0ea7e5909c58582b7ed658 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Sun, 12 Jan 2014 00:25:54 -0500
Subject: Ensure conf_mount_rw() and conf_mount_ro() are used where needed.

---
 config/snort/snort_rules.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'config/snort/snort_rules.php')

diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php
index 0434f88f..37b06914 100755
--- a/config/snort/snort_rules.php
+++ b/config/snort/snort_rules.php
@@ -319,21 +319,25 @@ if ($_GET['act'] == "resetall" && !empty($rules_map)) {
 }
 
 if ($_POST['clear']) {
+	conf_mount_rw();
 	unset($a_rule[$id]['customrules']);
 	write_config();
 	$rebuild_rules = true;
 	snort_generate_conf($a_rule[$id]);
 	$rebuild_rules = false;
+	conf_mount_ro();
 	header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
 	exit;
 }
 
 if ($_POST['customrules']) {
+	conf_mount_rw();
 	$a_rule[$id]['customrules'] = base64_encode($_POST['customrules']);
 	write_config();
 	$rebuild_rules = true;
 	snort_generate_conf($a_rule[$id]);
 	$rebuild_rules = false;
+	conf_mount_ro();
 	$output = "";
 	$retcode = "";
 	exec("/usr/local/bin/snort -T -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf 2>&1", $output, $retcode);
@@ -352,7 +356,7 @@ if ($_POST['customrules']) {
 }
 
 else if ($_POST['apply']) {
-
+	conf_mount_rw();
 	/* Save new configuration */
 	write_config();
 
@@ -363,6 +367,10 @@ else if ($_POST['apply']) {
 	$rebuild_rules = true;
 	snort_generate_conf($a_rule[$id]);
 	$rebuild_rules = false;
+	conf_mount_ro();
+
+	/* Soft-restart Snort to live-load new rules */
+	snort_reload_config($a_rule[$id]);
 
 	/* Return to this same page */
 	header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
-- 
cgit v1.2.3