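// De-duplicate the ruleset list and the UUID of every configured Suricata
// interface. This excerpt sits inside a block opened above the visible code:
// the lone closing brace after the unset() calls below ends that outer block.
// $config and $suricatalogdir are defined outside this excerpt.
$uuids = array();   // UUID => real interface name, for every UUID seen so far
$suriconf =& $config['installedpackages']['suricata']['rule'];
foreach ($suriconf as &$suricatacfg) {
    // Remove any duplicate ruleset names from earlier bug
    // (first occurrence wins, original order is kept).
    $rulesets = explode("||", $suricatacfg['rulesets']);
    $suricatacfg['rulesets'] = implode("||", array_unique($rulesets));

    // Now check for and fix a duplicate UUID
    $if_real = get_real_interface($suricatacfg['interface']);

    // array_key_exists() instead of isset(): isset() reports false for a key
    // whose stored value is null, so a UUID recorded with a null interface
    // name would not be recognised as already seen.
    // NOTE(review): whether get_real_interface() can return null is not
    // visible here -- confirm.
    if (!array_key_exists($suricatacfg['uuid'], $uuids)) {
        $uuids[$suricatacfg['uuid']] = $if_real;
        continue;
    }

    // Found a duplicate UUID, so generate a
    // new one for the affected interface.
    $old_uuid = $suricatacfg['uuid'];
    $new_uuid = suricata_generate_id();

    // The log directory name embeds the UUID, so move it along with the
    // change. The move stays best-effort ('@' keeps PHP warnings out of the
    // installer output), but a failure is now logged instead of being lost:
    // otherwise the entry written below would be the only trace of the
    // change while the interface's earlier logs remain under the old name.
    $old_logdir = "{$suricatalogdir}suricata_{$if_real}{$old_uuid}/";
    $new_logdir = "{$suricatalogdir}suricata_{$if_real}{$new_uuid}/";
    if (file_exists($old_logdir) && !@rename($old_logdir, $new_logdir)) {
        log_error(sprintf(gettext("[Suricata] could not rename log directory %s to %s; existing logs remain under the old name."), $old_logdir, $new_logdir));
    }

    $suricatacfg['uuid'] = $new_uuid;
    $uuids[$new_uuid] = $if_real;
    log_error(gettext("[Suricata] updated UUID for interface " . convert_friendly_interface_to_friendly_descr($suricatacfg['interface']) . " from {$old_uuid} to {$new_uuid}."));
}
// Break the by-reference loop variable: while it stays bound to the last
// [rule] entry, any later assignment to $suricatacfg would overwrite that
// entry in $config.
unset($suricatacfg);
unset($uuids, $rulesets);
}

/****************************************************************/
/* End of duplicate UUID and "dns-events.rules" bug fix.        */
/****************************************************************/

/* Do one-time settings migration for new version configuration */
$static_output .= gettext("\nMigrating settings to new configuration...");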
suricata_stop($a_rule[$id], $oif_real); $suricata_start = true; } else { $suricata_start = false; } @rename("{$suricatalogdir}suricata_{$oif_real}{$a_rule[$id]['uuid']}", "{$suricatalogdir}suricata_{$if_real}{$a_rule[$id]['uuid']}"); conf_mount_rw(); @rename("{$suricatadir}suricata_{$a_rule[$id]['uuid']}_{$oif_real}", "{$suricatadir}suricata_{$a_rule[$id]['uuid']}_{$if_real}"); conf_mount_ro(); } $a_rule[$id] = $natent; } elseif (strcasecmp($action, 'dup') == 0) { // Duplicating an existing interface to a new interface, so set flag to build new rules $rebuild_rules = true; // Duplicating an interface, so need to generate a new UUID for the cloned interface $natent['uuid'] = suricata_generate_id(); // Add the new duplicated interface configuration to the [rule] array in config $a_rule[] = $natent; } else { // Adding new interface, so set interface configuration parameter defaults $natent['ip_max_frags'] = "65535"; $natent['ip_frag_timeout'] = "60"; $natent['frag_memcap'] = '33554432'; $natent['ip_max_trackers'] = '65535'; $natent['frag_hash_size'] = '65536'; $natent['flow_memcap'] = '33554432'; $natent['flow_prealloc'] = '10000'; $natent['flow_hash_size'] = '65536'; $natent['flow_emerg_recovery'] = '30'; $natent['flow_prune'] = '5'; $natent['flow_tcp_new_timeout'] = '60';