From 83f0abac54106e178465d848e2009a66d1ba8735 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Sun, 29 Sep 2013 10:06:37 -0400
Subject: Fix errors in new snort_unpack_alias() function

---
 config/snort/snort.inc | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'config')

diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index d69f6237..e120b942 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -123,7 +123,7 @@ function snort_unpack_alias($alias) {
 	/* recursive calls to this function.              */
 	/*                                                */
 	/* Fully-qualified-domain-name (FQDN) aliases     */
-	/* are detected and resolved via a pfctl() call.  */
+	/* are detected and resolved via DNS.             */
 	/**************************************************/
 
 	global $config;
@@ -141,9 +141,11 @@ function snort_unpack_alias($alias) {
 						$value .= $a . " ";
 					elseif (is_hostname($a)) {
 						// Found a FQDN value for this Alias, so resolve it
-						$entries = array();
-						exec("/sbin/pfctl -t " . escapeshellarg($alias) . " -T show", $entries);
-						$value .= trim(implode(" ", $entries));
+						$entries = gethostbynamel($a);
+						if ($entries !== FALSE)
+							$value .= trim(implode(" ", $entries)) . " ";
+						else
+							log_error(gettext("[Snort] Failed to resolve FQDN '{$a}' in Alias '{$alias}'..."));
 					}
 					else
 						continue;
-- 
cgit v1.2.3