From c3b3ace436cfc9f0cc0ea7e5909c58582b7ed658 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Sun, 12 Jan 2014 00:25:54 -0500
Subject: Ensure conf_mount_rw() and conf_mount_ro() are used where needed.

---
 config/snort/snort_rulesets.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'config/snort/snort_rulesets.php')

diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php
index 62b68a1b..dc37cb10 100755
--- a/config/snort/snort_rulesets.php
+++ b/config/snort/snort_rulesets.php
@@ -118,7 +118,6 @@ if ($a_nat[$id]['ips_policy_enable'] == 'on') {
 else
 	$disable_vrt_rules = "";
 
-/* alert file */
 if ($_POST["Submit"]) {
 
 	if ($_POST['ips_policy_enable'] == "on") {
@@ -146,6 +145,7 @@ if ($_POST["Submit"]) {
 			@unlink("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$flowbit_rules_file}");
 	}
 
+	conf_mount_rw();
 	write_config();
 
 	/*************************************************/
@@ -155,6 +155,10 @@ if ($_POST["Submit"]) {
 	$rebuild_rules = true;
 	snort_generate_conf($a_nat[$id]);
 	$rebuild_rules = false;
+	conf_mount_ro();
+
+	/* Soft-restart Snort to live-load new rules */
+	snort_reload_config($a_nat[$id]);
 
 	header("Location: /snort/snort_rulesets.php?id=$id");
 	exit;
-- 
cgit v1.2.3