if (!($rf =& $conn->Execute("SELECT FOUND_ROWS() as total"))) { print $conn->ErrorMsg(); } else { $foundrows = $rf->fields["total"]; } } while (!$rs->EOF) { $allowedHosts .= $allowedHosts != "" ? ",'" . $rs->fields['ip'] . "'" : "'" . $rs->fields['ip'] . "'"; $rs->MoveNext(); } } if ($debug) { echo "ok.\n"; } // 2) CLEAN TEMP DATABASE NOT ALLOWED EVENTS $snort_temp_conn = $db->snort_custom_connect($snort_name_temp); if ($allowedHosts != "") { if ($debug) { echo "Filtering acid_event table..."; } $sql = "DELETE FROM acid_event WHERE INET_NTOA(ip_src) not in ({$allowedHosts}) AND INET_NTOA(ip_dst) not in ({$allowedHosts})"; $snort_temp_conn->Execute($sql); if ($debug) { echo "ok.\n"; } } // REGENERATING AC_* TABLES if ($debug) { echo "Cleaning ac_* tables..."; } $snort_temp_conn->Execute("DELETE FROM ac_sensor_sid");