From 557b481600002561242fd8bca999905b391001e5 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Wed, 17 Sep 2014 21:09:47 -0400
Subject: Remove no longer needed code for generating shell script.

---
 config/snort/snort.inc              | 201 ------------------------------------
 config/snort/snort_post_install.php |  14 ++-
 2 files changed, 6 insertions(+), 209 deletions(-)

(limited to 'config')

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index e9feec1a..53ae4a9d 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -1109,9 +1109,6 @@ function sync_snort_package_config() {
 	if ($is_dirty)
 		write_config("Snort pkg: updated snort service entry configuration.");
 
-	/* create snort bootup file snort.sh only create once */
-//	snort_create_rc();
-
 	$snortglob = $config['installedpackages']['snortglobal'];
 
 	snort_snortloglimit_install_cron(true);
@@ -2833,204 +2830,6 @@ function snort_modify_sids(&$rule_map, $snortcfg) {
 	unset($enablesid, $disablesid);
 }
 
-function snort_create_rc() {
-
-/*********************************************************/
-/* This function builds the /usr/local/etc/rc.d/snort.sh */
-/* shell script for starting and stopping Snort.  The    */
-/* script is rebuilt on each package sync operation and  */
-/* after any changes to snort.conf saved in the GUI.     */
-/*********************************************************/
-
-	global $config, $g, $pfs_version;
-
-	$snortdir = SNORTDIR;
-	$snortlogdir = SNORTLOGDIR;
-	$rcdir = RCFILEPREFIX;	
-
-	// If no interfaces are configured for Snort, exit
-	if (!is_array($config['installedpackages']['snortglobal']['rule']))
-		return;
-	$snortconf = $config['installedpackages']['snortglobal']['rule'];
-	if (empty($snortconf))
-		return;
-
-	// At least one interface is configured, so OK
-	$start_snort_iface_start = array();
-	$start_snort_iface_stop = array();
-
-	// If not using PBI package, then make sure Barnyard2 can
-	// find the latest MySQL shared libs in /usr/local/lib/mysql
-	if ($pfs_version < 2.1) {
-		$sql_lib_path = "\n# Ensure MySQL shared libs are in ldconfig search path\n";
-		$sql_lib_path .= "/sbin/ldconfig -m /usr/local/lib/mysql";
-		$start_snort_iface_start[] = $sql_lib_path;	
-	}
-
-	// Loop thru each configured interface and build
-	// the shell script.
-	foreach ($snortconf as $value) {
-		// Skip disabled Snort interfaces
-		if ($value['enable'] <> 'on')
-			continue;
-		$snort_uuid = $value['uuid'];
-		$if_real = get_real_interface($value['interface']);
-
-		$start_barnyard = <<<EOE
-
-	if [ ! -f {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid ]; then
-		pid=`/bin/pgrep -fn "barnyard2 -r {$snort_uuid} "`
-	else
-		pid=`/bin/pgrep -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid`
-	fi
-	if [ ! -z \$pid ]; then
-		/usr/bin/logger -p daemon.info -i -t SnortStartup "Barnyard2 SOFT RESTART for {$value['descr']}({$snort_uuid}_{$if_real})..."
-		/bin/pkill -HUP \$pid
-	else
-		/usr/bin/logger -p daemon.info -i -t SnortStartup "Barnyard2 START for {$value['descr']}({$snort_uuid}_{$if_real})..."
-		/usr/local/bin/barnyard2 -r {$snort_uuid} -f snort_{$snort_uuid}_{$if_real}.u2 --pid-path {$g['varrun_path']} --nolock-pidfile -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d {$snortlogdir}/snort_{$if_real}{$snort_uuid} -D -q
-	fi
-
-EOE;
-		$stop_barnyard2 = <<<EOE
-
-	if [ -f {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid ]; then
-		/usr/bin/logger -p daemon.info -i -t SnortStartup "Barnyard2 STOP for {$value['descr']}({$snort_uuid}_{$if_real})..."
-		pid=`/bin/pgrep -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid`
-                /bin/pkill -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid -a
-		time=0 timeout=30
-		while kill -0 \$pid 2>/dev/null; do
-			sleep 1
-			time=\$((time+1))
-			if [ \$time -gt \$timeout ]; then
-				break
-			fi
-		done
-		if [ -f /var/run/barnyard2_{$if_real}{$snort_uuid}.pid ]; then
-			/bin/rm /var/run/barnyard2_{$if_real}{$snort_uuid}.pid
-		fi
-	else
-		pid=`/bin/pgrep -fn "barnyard2 -r {$snort_uuid} "`
-		if [ ! -z \$pid ]; then
-			/bin/pkill -f "barnyard2 -r {$snort_uuid} "
-			time=0 timeout=30
-			while kill -0 \$pid 2>/dev/null; do
-				sleep 1
-				time=\$((time+1))
-				if [ \$time -gt \$timeout ]; then
-					break
-				fi
-			done
-		fi
-        fi
-
-EOE;
-		if ($value['barnyard_enable'] == 'on')
-			$start_barnyard2 = $start_barnyard;
-		else
-			$start_barnyard2 = $stop_barnyard2;
-
-		$start_snort_iface_start[] = <<<EOE
-
-###### For Each Iface
-	# Start snort and barnyard2
-	if [ ! -f {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid ]; then
-		pid=`/bin/pgrep -fn "snort -R {$snort_uuid} "`
-	else
-		pid=`/bin/pgrep -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid`
-	fi
-
-	if [ ! -z \$pid ]; then
-		/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort SOFT RESTART for {$value['descr']}({$snort_uuid}_{$if_real})..."
-		/bin/pkill -HUP \$pid
-	else
-		/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort START for {$value['descr']}({$snort_uuid}_{$if_real})..."
-		/usr/local/bin/snort -R {$snort_uuid} -D -q -l {$snortlogdir}/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}
-	fi
-
-	sleep 2
-	{$start_barnyard2}
-
-EOE;
-
-		$start_snort_iface_stop[] = <<<EOE
-
-	if [ -f {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid ]; then
-		pid=`/bin/pgrep -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid`
-		/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort STOP for {$value['descr']}({$snort_uuid}_{$if_real})..."
-		/bin/pkill -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a
-		time=0 timeout=30
-		while kill -0 \$pid 2>/dev/null; do
-			sleep 1
-			time=\$((time+1))
-			if [ \$time -gt \$timeout ]; then
-				break
-			fi
-		done
-		if [ -f /var/run/snort_{$if_real}{$snort_uuid}.pid ]; then
-			/bin/rm /var/run/snort_{$if_real}{$snort_uuid}.pid
-		fi
-	else
-		pid=`/bin/pgrep -fn "snort -R {$snort_uuid} "`
-		if [ ! -z \$pid ]; then
-			/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort STOP for {$value['descr']}({$snort_uuid}_{$if_real})..."
-			/bin/pkill -fn "snort -R {$snort_uuid} "
-			time=0 timeout=30
-			while kill -0 \$pid 2>/dev/null; do
-				sleep 1
-				time=\$((time+1))
-				if [ \$time -gt \$timeout ]; then
-					break
-				fi
-			done
-		fi
-	fi
-
-	sleep 2
-	{$stop_barnyard2}
-
-EOE;
-	}
-
-	$rc_start = implode("\n", $start_snort_iface_start);
-	$rc_stop = implode("\n", $start_snort_iface_stop);
-
-	$snort_sh_text = <<<EOD
-#!/bin/sh
-########
-# This file was automatically generated
-# by the pfSense service handler.
-# Code added to protect from double starts on pfSense bootup
-######## Start of main snort.sh
-
-rc_start() {
-	{$rc_start}
-}
-
-rc_stop() {
-	{$rc_stop}
-}
-
-case $1 in
-	start)
-		rc_start
-		;;
-	stop)
-		rc_stop
-		;;
-	restart)
-		rc_stop
-		rc_start
-		;;
-esac
-
-EOD;
-
-	/* write out snort.sh */
-	@file_put_contents("{$rcdir}snort.sh", $snort_sh_text);
-	@chmod("{$rcdir}snort.sh", 0755);
-}
-
 function snort_generate_barnyard2_conf($snortcfg, $if_real) {
 
 	/****************************************************/
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php
index ece75f2b..f84cfc55 100644
--- a/config/snort/snort_post_install.php
+++ b/config/snort/snort_post_install.php
@@ -112,9 +112,9 @@ foreach ($preproc_rules as $file) {
 }
 
 /* Remove any previously installed scripts since we rebuild them */
-@unlink("{$snortdir}/sid");
-@unlink("{$rcdir}snort.sh");
-@unlink("{$rcdir}barnyard2");
+unlink_if_exists("{$snortdir}/sid");
+unlink_if_exists("{$rcdir}snort.sh");
+unlink_if_exists("{$rcdir}barnyard2");
 
 /* Create required log and db directories in /var */
 safe_mkdir(SNORTLOGDIR);
@@ -217,10 +217,12 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
 		unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type);
 		unset($home_net, $external_net, $ipvardef, $portvardef);
 
-		// create barnyard2.conf file for interface
+		// Create barnyard2.conf file for interface
 		if ($snortcfg['barnyard_enable'] == 'on')
 			snort_generate_barnyard2_conf($snortcfg, $if_real);
 
+		// If this interface is not enabled, we're done with it so
+		// loop to the next one.
 		if ($snortcfg['enable'] != 'on')
 			continue;
 
@@ -269,9 +271,6 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
 		}
 	}
 
-	/* create snort bootup file snort.sh */
-//	snort_create_rc();
-
 	/* Set Log Limit, Block Hosts Time and Rules Update Time */
 	snort_snortloglimit_install_cron(true);
 	snort_rm_blocked_install_cron($config['installedpackages']['snortglobal']['rm_blocked'] != "never_b" ? true : false);
@@ -291,7 +290,6 @@ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
 		update_status(gettext("Starting Snort using rebuilt configuration..."));
 		update_output_window(gettext("Please wait... while Snort is started..."));
 		log_error(gettext("[Snort] Starting Snort using rebuilt configuration..."));
-//		mwexec_bg("{$rcdir}snort.sh start");
 		foreach ($config['installedpackages']['snortglobal']['rule'] as $snortcfg) {
 			if ($snortcfg['enable'] != 'on')
 				continue;
-- 
cgit v1.2.3