if (!($rf =& $conn->Execute("SELECT FOUND_ROWS() as total"))) {
print $conn->ErrorMsg();
} else {
$foundrows = $rf->fields["total"];
}
}
while (!$rs->EOF) {
$allowedHosts .= $allowedHosts != "" ? ",'" . $rs->fields['ip'] . "'" : "'" . $rs->fields['ip'] . "'";
$rs->MoveNext();
}
}
if ($debug) {
echo "ok.\n";
}
// 2) CLEAN TEMP DATABASE NOT ALLOWED EVENTS
$snort_temp_conn = $db->snort_custom_connect($snort_name_temp);
if ($allowedHosts != "") {
if ($debug) {
echo "Filtering acid_event table...";
}
$sql = "DELETE FROM acid_event WHERE INET_NTOA(ip_src) not in ({$allowedHosts}) AND INET_NTOA(ip_dst) not in ({$allowedHosts})";
$snort_temp_conn->Execute($sql);
if ($debug) {
echo "ok.\n";
}
}
// REGENERATING AC_* TABLES
if ($debug) {
echo "Cleaning ac_* tables...";
}
$snort_temp_conn->Execute("DELETE FROM ac_sensor_sid");
