Bug #14469
closed
Snort Advanced config pass-through encodes entries
100%
Description
When attempting to add a custom snort.conf config line using the Snort Advanced Configuration Pass-Through feature, the contents of the text box become encoded. This text is then inserted into the snort.conf causing the app to fail on start up. Screenshots show the command entered before clicking the Save button, after the save button and the entry in snort.conf.
Files
| screenshot_14.png (23.9 KB) screenshot_14.png | After saving page | ||
| screenshot_13.png (20.5 KB) screenshot_13.png | Before saving page | ||
| screenshot_12.png (10.5 KB) screenshot_12.png | Contents of snort.conf |
Updated by Bill Meeks almost 2 years ago
I was able to replicate this issue. It is caused by a misplaced early Base64 decode of a config parameter. A fix will be in the next Snort GUI package update.
In the meantime, if you want to implement a temporary fix, then make the following edit to the indicated PHP source file.
In /usr/local/snort/www/snort/snort_interfaces_edit.php find the code section shown below starting on line 136:
$pconfig = $a_rule[$id];
if (!empty($pconfig['configpassthru']))
$pconfig['configpassthru'] = base64_decode($pconfig['configpassthru']);
if (empty($pconfig['uuid']))
Comment out 137 and 138 as shown below and save the change:
$pconfig = $a_rule[$id];
// if (!empty($pconfig['configpassthru']))
// $pconfig['configpassthru'] = base64_decode($pconfig['configpassthru']);
if (empty($pconfig['uuid']))
Updated by Bill Meeks almost 2 years ago
A fix for this issue has been submitted in Pull Request 1269: https://github.com/pfsense/FreeBSD-ports/pull/1269. This issue can be marked Resolved when the pull request is merged.
Updated by Jim Pingle almost 2 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
PR Merged