function snort_apply_customizations($snortcfg, $if_real)
{
global $vrt_enabled, $rebuild_rules;
$snortdir = SNORTDIR;
/* Update the Preprocessor rules from the master configuration for the interface if Snort */
/* VRT rules are in use and the interface's preprocessor rules are not protected. */
if ($vrt_enabled == 'on' && ($snortcfg['protect_preproc_rules'] != 'on' || $g['snort_postinstall'])) {
$preproc_files = glob("{$snortdir}/preproc_rules/*.rules");
foreach ($preproc_files as $file) {
$newfile = basename($file);
@copy($file, "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/preproc_rules/{$newfile}");
}
}
if ($rebuild_rules == true) {
snort_prepare_rule_files($snortcfg, "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
}
/* Copy the master config and map files to the interface directory */
@copy("{$snortdir}/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config");
@copy("{$snortdir}/reference.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/reference.config");
@copy("{$snortdir}/gen-msg.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/gen-msg.map");
@copy("{$snortdir}/unicode.map", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/unicode.map");
}
$snort_uuid = $snortcfg['uuid'];
$snortcfgdir = "{$snortdir}/snort_{$snort_uuid}_{$if_real}";
update_output_window(gettext("Generating configuration for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "..."));
// Pull in the PHP code that generates the snort.conf file
// variables that will be substituted further down below.
include "/usr/local/pkg/snort/snort_generate_conf.php";
// Pull in the boilerplate template for the snort.conf
// configuration file. The contents of the template along
// with substituted variables are stored in $snort_conf_text
// (which is defined in the included file).
include "/usr/local/pkg/snort/snort_conf_template.inc";
// Now write out the conf file using $snort_conf_text contents
@file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text);
unset($snort_conf_text);
// Create the actual rules files and save them in the interface directory
snort_prepare_rule_files($snortcfg, $snortcfgdir);
// Clean up variables we no longer need and free memory
unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type);
unset($home_net, $external_net, $ipvardef, $portvardef);
// Create barnyard2.conf file for interface
if ($snortcfg['barnyard_enable'] == 'on') {
snort_generate_barnyard2_conf($snortcfg, $if_real);
}
}
/* create snort bootup file snort.sh */
snort_create_rc();
/* Set Log Limit, Block Hosts Time and Rules Update Time */
snort_snortloglimit_install_cron(true);
snort_rm_blocked_install_cron($config['installedpackages']['snortglobal']['rm_blocked'] != "never_b" ? true : false);
snort_rules_up_install_cron($config['installedpackages']['snortglobal']['autorulesupdate7'] != "never_up" ? true : false);
/* Restore the last Snort Dashboard Widget setting if none is set */
