From 7eb660ddc26afeee20d8c69b4887437e346c8f31 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Tue, 6 Sep 2011 08:10:46 +0000
Subject: Add checks to see if the files exists before being used on the config
 to avoid possible errors.

---
 config/snort/snort.inc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'config/snort')

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 839faf23..da6b8873 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -2198,6 +2198,11 @@ EOD;
 	else
 		$def_max_queued_segs_type = ' max_queued_segs ' . $snortcfg['max_queued_segs'] . ',';
 
+	$snort_preprocessor_decoder_rules = "";
+	if (file_exists("/usr/local/etc/snort/preproc_rules/preprocessor.rules"))
+		$snort_preprocessor_decoder_rules .= "include \$PREPROC_RULE_PATH/preprocessor.rules\n";
+	if (file_exists("/usr/local/etc/snort/preproc_rules/decoder.rules"))
+		$snort_preprocessor_decoder_rules .= "include \$PREPROC_RULE_PATH/decoder.rules\n";
 
 	/* build snort configuration file */
 	/* TODO; feed back from pfsense users to reduce false positives */
@@ -2408,8 +2413,8 @@ preprocessor ssl: ports { {$def_ssl_ports_ignore_type} }, trustservers, noinspec
 
 include /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/reference.config
 include /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/classification.config
-include \$PREPROC_RULE_PATH/preprocessor.rules
-include \$PREPROC_RULE_PATH/decoder.rules
+{$snort_preprocessor_decoder_rules}
+
 $threshold_file_name
 
 # Snort user pass through configuration
-- 
cgit v1.2.3