$config['installedpackages']['snortglobal']['rm_blocked'] = $_POST['rm_blocked'];
if ($_POST['snortloglimitsize']) {
$config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit'];
$config['installedpackages']['snortglobal']['snortloglimitsize'] = $_POST['snortloglimitsize'];
} else {
$config['installedpackages']['snortglobal']['snortloglimit'] = 'on';
/* code will set limit to 21% of slice that is unused */
$snortloglimitDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * 0.22 / 1024);
$config['installedpackages']['snortglobal']['snortloglimitsize'] = $snortloglimitDSKsize;
}
$config['installedpackages']['snortglobal']['autorulesupdate7'] = $_POST['autorulesupdate7'];
$config['installedpackages']['snortglobal']['snortalertlogtype'] = $_POST['snortalertlogtype'];
$config['installedpackages']['snortglobal']['forcekeepsettings'] = $_POST['forcekeepsettings'] ? 'on' : 'off';
$retval = 0;
$snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit'];
snort_snortloglimit_install_cron($snort_snortloglimit_info_ck == 'ok' ? true : false);
/* set the snort block hosts time IMPORTANT */
$snort_rm_blocked_info_ck = $config['installedpackages']['snortglobal']['rm_blocked'];
if ($snort_rm_blocked_info_ck == "never_b") {
$snort_rm_blocked_false = false;
} else {
$snort_rm_blocked_false = true;
}
snort_rm_blocked_install_cron($snort_rm_blocked_false);
/* set the snort rules update time */
$snort_rules_up_info_ck = $config['installedpackages']['snortglobal']['autorulesupdate7'];
if ($snort_rules_up_info_ck == "never_up") {
$snort_rules_up_false = false;
} else {
$snort_rules_up_false = true;
}
@file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text);
unset($snort_conf_text);
// Create the actual rules files and save them in the interface directory
snort_prepare_rule_files($snortcfg, $snortcfgdir);
// Clean up variables we no longer need and free memory
unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type);
unset($home_net, $external_net, $ipvardef, $portvardef);
// Create barnyard2.conf file for interface
if ($snortcfg['barnyard_enable'] == 'on') {
snort_generate_barnyard2_conf($snortcfg, $if_real);
}
}
/* create snort bootup file snort.sh */
snort_create_rc();
/* Set Log Limit, Block Hosts Time and Rules Update Time */
snort_snortloglimit_install_cron(true);
snort_rm_blocked_install_cron($config['installedpackages']['snortglobal']['rm_blocked'] != "never_b" ? true : false);
snort_rules_up_install_cron($config['installedpackages']['snortglobal']['autorulesupdate7'] != "never_up" ? true : false);
/* Restore the last Snort Dashboard Widget setting if none is set */
if (!empty($config['installedpackages']['snortglobal']['dashboard_widget']) && stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) {
$config['widgets']['sequence'] .= "," . $config['installedpackages']['snortglobal']['dashboard_widget'];
}
$rebuild_rules = false;
if ($pkg_interface != "console") {
update_output_window(gettext("Finished rebuilding Snort configuration files..."));
}
log_error(gettext("[Snort] Finished rebuilding installation from saved settings..."));
/* Only try to start Snort if not in reboot */
if (!$g['booting']) {
if ($pkg_interface != "console") {
update_status(gettext("Starting Snort using rebuilt configuration..."));
