[Snort-users] webmin $RULE_PATH issues FIX

Christopher Lyon cslyon at ...6523...
Wed Jul 23 20:13:42 EDT 2003


I don't know if this has been posted yet or not but I can just remember
some people having problems with this issue. So here is goes.

Anybody using Snort that has the 'var $RULE_PATH....' set in there
snort.conf file and who also wants to use Webmin, this fix should solve
the problem. If you can remember some of the posts before, the snort
webmin module didn't handle the '$' very well and the way the original
expression was written gave the following result on the snort webmin
page:  '$RULE_PATH/rulename'. So, the change to the expression in the
index.cgi seems to have fixed the issue. You should just have the
'rulename' in the snort webmin page.

 
change to index.cgi on line 54
You can usually find this under /usr/libexec/webmin/snort
That is if you installed in using an RPM.


Here is the diff for you. Note this is the only line that has changed: 


($rule) = $ruleset =~ /(\w+-*\w+-*\w+).rules/;



diff -c ./index.cgi.old ./index.cgi.new

*** ./index.cgi.old        2003-07-23 01:06:58.000000000 -0700
--- ./index.cgi.new        2003-07-22 21:01:46.000000000 -0700
***************
*** 51,57 ****
  print "<br><font size=-1>$text{'index_rule_msg'}</font>" if
($access{'rules'} ne "*");
  
  foreach $ruleset (@rulefiles) {
!    ($rule) = $ruleset =~ /[#]*(\S+)\.rules/;
  
     # Check to see if user can access a given ruleset
     if ($access{'rules'} ne "*") {
--- 51,57 ----
  print "<br><font size=-1>$text{'index_rule_msg'}</font>" if
($access{'rules'} ne "*");
  
  foreach $ruleset (@rulefiles) {
!    ($rule) = $ruleset =~ /(\w+-*\w+-*\w+).rules/;
  
     # Check to see if user can access a given ruleset
     if ($access{'rules'} ne "*") {



I have it working on a couple of sensors without any problems. 







More information about the Snort-users mailing list