From f57cdb06ad1461dd313560bef691f554e0e395e7 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 11 Jul 2012 23:43:41 +0000 Subject: Correct the way ssl preprocessor expect port list --- config/snort/snort.inc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 363f2b71..003e551a 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1240,6 +1240,7 @@ EOD; $ports[$alias] = $snortcfg["def_{$alias}"]; $portvardef .= "portvar " . strtoupper($alias) . " [" . $ports[$alias] . "]\n"; } + $def_ssl_ports_ignore = str_replace(",", " ", $ports['ssl_ports_ignore']); $snort_preproc = array ( "perform_stat", "http_inspect", "other_preprocs", "ftp_preprocessor", "smtp_preprocessor", @@ -1325,7 +1326,7 @@ preprocessor stream5_icmp: {$snort_preprocessors} # Ignore SSL and Encryption # -preprocessor ssl: ports { {$ports['ssl_ports_ignore']} }, trustservers, noinspect_encrypted +preprocessor ssl: ports { {$def_ssl_ports_ignore} }, trustservers, noinspect_encrypted # Snort Output Logs # {$snortunifiedlogbasic_type} -- cgit v1.2.3