From 5f9c567daf5f1ab98001b6a200f553ccf2364180 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Thu, 9 Oct 2014 19:10:32 -0400 Subject: Consolidate calls to write_config() and improve nanoBSD performance. --- config/snort/snort_interfaces.php | 1 + config/snort/snort_migrate_config.php | 3 +-- config/snort/snort_post_install.php | 19 ++++++------------- 3 files changed, 8 insertions(+), 15 deletions(-) (limited to 'config/snort') diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index 6a5a1aea..38471ef0 100755 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -69,6 +69,7 @@ if (isset($_POST['del_x'])) { write_config("Snort pkg: deleted one or more Snort interfaces."); sleep(2); + conf_mount_rw(); sync_snort_package_config(); conf_mount_ro(); header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); diff --git a/config/snort/snort_migrate_config.php b/config/snort/snort_migrate_config.php index e8ba7028..9569c475 100644 --- a/config/snort/snort_migrate_config.php +++ b/config/snort/snort_migrate_config.php @@ -488,11 +488,10 @@ foreach ($rule as &$r) { // Release reference to final array element unset($r); -// Write out the new configuration to disk if we changed anything +// Log a message if we changed anything if ($updated_cfg) { $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.1.3"; log_error("[Snort] Saving configuration settings in new format..."); - write_config("Snort pkg: migrate existing settings to new format as part of package upgrade."); log_error("[Snort] Settings successfully migrated to new configuration format..."); } else diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php index 8d1588d9..13191a44 100644 --- a/config/snort/snort_post_install.php +++ b/config/snort/snort_post_install.php @@ -73,7 +73,6 @@ $snortlibdir = SNORTLIBDIR; $rcdir = RCFILEPREFIX; $flowbit_rules_file = FLOWBITS_FILENAME; $snort_enforcing_rules_file = SNORT_ENFORCING_RULES_FILENAME; -$mounted_rw = FALSE; /* Hard kill any running Snort processes that may have been started by any */ /* of the pfSense scripts such as check_reload_status() or rc.start_packages */ @@ -94,11 +93,8 @@ if(is_process_running("barnyard")) { /* Set flag for post-install in progress */ $g['snort_postinstall'] = true; -/* If not already, set Snort conf partition to read-write so we can make changes there */ -if (!is_subsystem_dirty('mount')) { - conf_mount_rw(); - $mounted_rw = TRUE; -} +/* Set conf partition to read-write so we can make changes there */ +conf_mount_rw(); /* cleanup default files */ @rename("{$snortdir}/snort.conf-sample", "{$snortdir}/snort.conf"); @@ -135,7 +131,6 @@ if ($pkgid >= 0) { log_error(gettext("[Snort] Removing legacy 'Dashboard Widget: Snort' package because the widget is now part of the Snort package.")); unset($config['installedpackages']['package'][$pkgid]); unlink_if_exists("/usr/local/pkg/widget-snort.xml"); - write_config("Snort pkg: removed legacy Snort Dashboard Widget."); } /* Define a default Dashboard Widget Container for Snort */ @@ -175,8 +170,6 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') { $fixed_duplicate = TRUE; } } - if ($fixed_duplicate) - write_config("Snort pkg: updated interface UUIDs to eliminate duplicates."); unset($uuids); } /****************************************************************/ @@ -194,6 +187,7 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') { include('/usr/local/pkg/snort/snort_check_for_rule_updates.php'); update_status(gettext("Generating snort.conf configuration file from saved settings...")); $rebuild_rules = true; + conf_mount_rw(); /* Create the snort.conf files for each enabled interface */ $snortconf = $config['installedpackages']['snortglobal']['rule']; @@ -259,9 +253,8 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') { } } -/* We're finished with conf partition mods, return to read-only if we changed it */ -if ($mounted_rw == TRUE) - conf_mount_ro(); +/* We're finished with conf partition mods, return to read-only */ +conf_mount_ro(); /* If an existing Snort Dashboard Widget container is not found, */ /* then insert our default Widget Dashboard container. */ @@ -270,7 +263,7 @@ if (stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) /* Update Snort package version in configuration */ $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.1.3"; -write_config("Snort pkg: post-install configuration saved."); +write_config("Snort pkg v3.1.3: post-install configuration saved."); /* Done with post-install, so clear flag */ unset($g['snort_postinstall']); -- cgit v1.2.3