From 3691d2b4cc5d9f2635c80de0b7be377164517e1c Mon Sep 17 00:00:00 2001
From: Scott Ullrich <sullrich@pfsense.org>
Date: Tue, 26 Sep 2006 20:46:10 +0000
Subject: Add all virtual ips and ip addresses from all optional interfaces.

---
 packages/snort/snort.inc | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'packages/snort')

diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
index 12312b2e..e57e8df6 100644
--- a/packages/snort/snort.inc
+++ b/packages/snort/snort.inc
@@ -137,8 +137,23 @@ function generate_snort_conf() {
 		$home_net .= "{$subnet}/{$ifcfg['subnet']} ";
 	}
 
+	/* add all local ips to the whitelist */
+	$wan_if = get_real_wan_interface();
+	$ip = find_interface_ip($wan_if);
+	$home_net .= "{$ip} ";
+
+	/* iterate all interfaces and add to whitelist */
+	foreach($config['interfaces'] as $interface)
+        $home_net .= "{$interface['ipaddr']} ";
+
+	/* iterate all vips and add to whitelist */
+	if($config['virtualip'])
+		foreach($config['virtualip']['vip'] as $vip)
+			$home_net .= $vip['subnet'] . " ";
+
 	/* write out whitelist, convert spaces to carriage returns */
 	$whitelist_home_net = str_replace(" ", "\n", $home_net);
+
 	fwrite($whitelist, $whitelist_home_net);
 
 	/* close file */
-- 
cgit v1.2.3