$config['installedpackages']['snortglobal']['rm_blocked'] = $_POST['rm_blocked']; if ($_POST['snortloglimitsize']) { $config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit']; $config['installedpackages']['snortglobal']['snortloglimitsize'] = $_POST['snortloglimitsize']; } else { $config['installedpackages']['snortglobal']['snortloglimit'] = 'on'; /* code will set limit to 21% of slice that is unused */ $snortloglimitDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * 0.22 / 1024); $config['installedpackages']['snortglobal']['snortloglimitsize'] = $snortloglimitDSKsize; } $config['installedpackages']['snortglobal']['autorulesupdate7'] = $_POST['autorulesupdate7']; $config['installedpackages']['snortglobal']['snortalertlogtype'] = $_POST['snortalertlogtype']; $config['installedpackages']['snortglobal']['forcekeepsettings'] = $_POST['forcekeepsettings'] ? 'on' : 'off'; $retval = 0; $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit']; snort_snortloglimit_install_cron($snort_snortloglimit_info_ck == 'ok' ? true : false); /* set the snort block hosts time IMPORTANT */ $snort_rm_blocked_info_ck = $config['installedpackages']['snortglobal']['rm_blocked']; if ($snort_rm_blocked_info_ck == "never_b") { $snort_rm_blocked_false = false; } else { $snort_rm_blocked_false = true; } snort_rm_blocked_install_cron($snort_rm_blocked_false); /* set the snort rules update time */ $snort_rules_up_info_ck = $config['installedpackages']['snortglobal']['autorulesupdate7']; if ($snort_rules_up_info_ck == "never_up") { $snort_rules_up_false = false; } else { $snort_rules_up_false = true; }
@file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text); unset($snort_conf_text); // Create the actual rules files and save them in the interface directory snort_prepare_rule_files($snortcfg, $snortcfgdir); // Clean up variables we no longer need and free memory unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type); unset($home_net, $external_net, $ipvardef, $portvardef); // Create barnyard2.conf file for interface if ($snortcfg['barnyard_enable'] == 'on') { snort_generate_barnyard2_conf($snortcfg, $if_real); } } /* create snort bootup file snort.sh */ snort_create_rc(); /* Set Log Limit, Block Hosts Time and Rules Update Time */ snort_snortloglimit_install_cron(true); snort_rm_blocked_install_cron($config['installedpackages']['snortglobal']['rm_blocked'] != "never_b" ? true : false); snort_rules_up_install_cron($config['installedpackages']['snortglobal']['autorulesupdate7'] != "never_up" ? true : false); /* Restore the last Snort Dashboard Widget setting if none is set */ if (!empty($config['installedpackages']['snortglobal']['dashboard_widget']) && stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) { $config['widgets']['sequence'] .= "," . $config['installedpackages']['snortglobal']['dashboard_widget']; } $rebuild_rules = false; if ($pkg_interface != "console") { update_output_window(gettext("Finished rebuilding Snort configuration files...")); } log_error(gettext("[Snort] Finished rebuilding installation from saved settings...")); /* Only try to start Snort if not in reboot */ if (!$g['booting']) { if ($pkg_interface != "console") { update_status(gettext("Starting Snort using rebuilt configuration..."));