From d5e181e9781b138fd7511f86306af63f1f449628 Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 08:21:00 -0500
Subject: [PATCH 01/11] Fix bad filename caused by missing global tag on
 variable in LOGS tab.

---
 .../files/usr/local/www/snort/snort_interface_logs.php          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php
index dcda85477989..3bfb91b61e77 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php
@@ -99,7 +99,7 @@
 	print_info_box($savemsg);
 
 function build_logfile_list() {
-	global $snortlogdir;
+	global $snortlogdir, $if_real;
 
 	$list = array();
 

From ca3d664b635756fe7537d39c7a3f592dcfc47b31 Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 08:29:19 -0500
Subject: [PATCH 02/11] Remove old JavaScript include file that is no longer
 needed.

---
 .../files/usr/local/www/snort/snort_interface_logs.php           | 1 -
 1 file changed, 1 deletion(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php
index 3bfb91b61e77..b56b5b2f8057 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interface_logs.php
@@ -173,7 +173,6 @@ function build_logfile_list() {
 print($form);
 ?>
 
-<script type="text/javascript" src="/javascript/base64.js"></script>
 <script type="text/javascript">
 //<![CDATA[
 events.push(function() {

From 8404b986d2ca2f92d67a22ed15be851c009f5bce Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 09:45:12 -0500
Subject: [PATCH 03/11] Fix settings not saving on LOG MGMT tab.

---
 .../usr/local/www/snort/snort_log_mgmt.php    | 47 ++++++++++---------
 1 file changed, 25 insertions(+), 22 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_log_mgmt.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_log_mgmt.php
index 56285b741e9e..97ac0402e024 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_log_mgmt.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_log_mgmt.php
@@ -45,21 +45,24 @@
 $pconfig = array();
 
 // Grab saved settings from configuration
-$pconfig['enable_log_mgmt'] = $config['installedpackages']['snortglobal']['enable_log_mgmt'] == 'on' ? 'on' : 'off';
-$pconfig['clearlogs'] = $config['installedpackages']['snortglobal']['clearlogs'];
-$pconfig['snortloglimit'] = $config['installedpackages']['snortglobal']['snortloglimit'];
-$pconfig['snortloglimitsize'] = $config['installedpackages']['snortglobal']['snortloglimitsize'];
-$pconfig['alert_log_limit_size'] = $config['installedpackages']['snortglobal']['alert_log_limit_size'];
-$pconfig['alert_log_retention'] = $config['installedpackages']['snortglobal']['alert_log_retention'];
-$pconfig['stats_log_limit_size'] = $config['installedpackages']['snortglobal']['stats_log_limit_size'];
-$pconfig['stats_log_retention'] = $config['installedpackages']['snortglobal']['stats_log_retention'];
-$pconfig['sid_changes_log_limit_size'] = $config['installedpackages']['snortglobal']['sid_changes_log_limit_size'];
-$pconfig['sid_changes_log_retention'] = $config['installedpackages']['snortglobal']['sid_changes_log_retention'];
-$pconfig['event_pkts_log_limit_size'] = '0';
-$pconfig['event_pkts_log_retention'] = $config['installedpackages']['snortglobal']['event_pkts_log_retention'];
-$pconfig['appid_stats_log_limit_size'] = $config['installedpackages']['snortglobal']['appid_stats_log_limit_size'];
-$pconfig['appid_stats_log_retention'] = $config['installedpackages']['snortglobal']['appid_stats_log_retention'];
-
+if (isset($_POST['save']))
+	$pconfig = $_POST;
+else {
+	$pconfig['enable_log_mgmt'] = $config['installedpackages']['snortglobal']['enable_log_mgmt'] == "on" ? 'on' : 'off';
+	$pconfig['clearlogs'] = $config['installedpackages']['snortglobal']['clearlogs'] == "on" ? 'on' : 'off';
+	$pconfig['snortloglimit'] = $config['installedpackages']['snortglobal']['snortloglimit'] == "on" ? 'on' : 'off';
+	$pconfig['snortloglimitsize'] = $config['installedpackages']['snortglobal']['snortloglimitsize'];
+	$pconfig['alert_log_limit_size'] = $config['installedpackages']['snortglobal']['alert_log_limit_size'];
+	$pconfig['alert_log_retention'] = $config['installedpackages']['snortglobal']['alert_log_retention'];
+	$pconfig['stats_log_limit_size'] = $config['installedpackages']['snortglobal']['stats_log_limit_size'];
+	$pconfig['stats_log_retention'] = $config['installedpackages']['snortglobal']['stats_log_retention'];
+	$pconfig['sid_changes_log_limit_size'] = $config['installedpackages']['snortglobal']['sid_changes_log_limit_size'];
+	$pconfig['sid_changes_log_retention'] = $config['installedpackages']['snortglobal']['sid_changes_log_retention'];
+	$pconfig['event_pkts_log_limit_size'] = '0';
+	$pconfig['event_pkts_log_retention'] = $config['installedpackages']['snortglobal']['event_pkts_log_retention'];
+	$pconfig['appid_stats_log_limit_size'] = $config['installedpackages']['snortglobal']['appid_stats_log_limit_size'];
+	$pconfig['appid_stats_log_retention'] = $config['installedpackages']['snortglobal']['appid_stats_log_retention'];
+}
 // Load up some arrays with selection values (we use these later).
 // The keys in the $retentions array are the retention period
 // converted to hours.  The keys in the $log_sizes array are
@@ -101,7 +104,7 @@
 if (!isset($pconfig['appid_stats_log_limit_size']))
 	$pconfig['appid_stats_log_limit_size'] = "1000";
 
-if ($_POST['ResetAll']) {
+if (isset($_POST['ResetAll'])) {
 
 	// Reset all settings to their defaults
 	$pconfig['alert_log_retention'] = "336";
@@ -120,9 +123,9 @@
 	$savemsg = gettext("All log management settings on this page have been reset to their defaults.  Click APPLY if you wish to keep these new settings.");
 }
 
-if ($_POST["save"] || $_POST['apply']) {
+if (isset($_POST['save']) || isset($_POST['apply'])) {
 	if ($_POST['enable_log_mgmt'] != 'on') {
-		$config['installedpackages']['snortglobal']['enable_log_mgmt'] = $_POST['enable_log_mgmt'] ? 'on' :'off';
+		$config['installedpackages']['snortglobal']['enable_log_mgmt'] = 'off';
 		write_config("Snort pkg: saved updated configuration for LOGS MGMT.");
 		conf_mount_rw();
 		sync_snort_package_config();
@@ -144,9 +147,9 @@
 	}
 
 	if (!$input_errors) {
-		$config['installedpackages']['snortglobal']['enable_log_mgmt'] = $_POST['enable_log_mgmt'] ? 'on' :'off';
+		$config['installedpackages']['snortglobal']['enable_log_mgmt'] = $_POST['enable_log_mgmt'] ? 'on' : 'off';
 		$config['installedpackages']['snortglobal']['clearlogs'] = $_POST['clearlogs'] ? 'on' : 'off';
-		$config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit'];
+		$config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit'] ? 'on' : 'off';
 		$config['installedpackages']['snortglobal']['snortloglimitsize'] = $_POST['snortloglimitsize'];
 		$config['installedpackages']['snortglobal']['alert_log_limit_size'] = $_POST['alert_log_limit_size'];
 		$config['installedpackages']['snortglobal']['alert_log_retention'] = $_POST['alert_log_retention'];
@@ -210,14 +213,14 @@
 	'clearlogs',
 	'Remove Snort Logs On Package Uninstall',
 	'Snort log files will be removed when the Snort package is uninstalled.',
-	$config['installedpackages']['snortglobal']['clearlogs'] == 'on' ? true:false,
+	$pconfig['clearlogs'] == 'on' ? true:false,
 	'on'
 ));
 $section->addInput(new Form_Checkbox(
 	'enable_log_mgmt',
 	'Auto Log Management',
 	'Enable automatic unattended management of Snort logs using parameters specified below.',
-	$config['installedpackages']['snortglobal']['enable_log_mgmt'] == 'on' ? true:false,
+	$pconfig['enable_log_mgmt'] == 'on' ? true:false,
 	'on'
 ));
 print($section);

From 849d5489f8bea1505187908f1fbb706fd3309a6a Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 09:46:10 -0500
Subject: [PATCH 04/11] Style footer of Blocked Hosts table with 'alert-info'
 class.

---
 .../files/usr/local/www/snort/snort_blocked.php           | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php
index 738c6241bc6a..7c27b727c0ad 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php
@@ -335,15 +335,15 @@
 			</tbody>
 			<tfoot>
 				<tr>
-					<td colspan="4">
+					<td colspan="4" style="text-align:center;" class="alert-info">
 						<?php	if (!empty($blocked_ips_array)) {
 							if ($counter > 1)
-								echo "{$counter}" . gettext(" host IP addresses are currently being blocked.");
+								print($counter . gettext(" host IP addresses are currently being blocked by Snort."));
 							else
-								echo "{$counter}" . gettext(" host IP address is currently being blocked.");
+								print($counter . gettext(" host IP address is currently being blocked Snort."));
 						}
 						else {
-							echo gettext("There are currently no hosts being blocked by Snort.");
+							print(gettext("There are currently no hosts being blocked by Snort."));
 						}
 						?>
 					</td>

From 54b5a39bbe3e186f067887a5080209e08a87134e Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 09:54:00 -0500
Subject: [PATCH 05/11] Replace use of 'echo' with PHP's print() function.

---
 .../files/usr/local/www/snort/snort_blocked.php        | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php
index 7c27b727c0ad..12fc64f6f187 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_blocked.php
@@ -61,7 +61,7 @@
 	else
 		$response = array('resolve_ip' => $ip, 'resolve_text' => gettext("Cannot resolve"));
 	
-	echo json_encode(str_replace("\\","\\\\", $response)); // single escape chars can break JSON decode
+	print(json_encode(str_replace("\\","\\\\", $response))); // single escape chars can break JSON decode
 	exit;
 }
 # --- AJAX REVERSE DNS RESOLVE End ---
@@ -148,7 +148,7 @@
 
 /* refresh every 60 secs */
 if ($pconfig['brefresh'] == 'on')
-	echo "<meta http-equiv=\"refresh\" content=\"60;url=/snort/snort_blocked.php\" />\n";
+	print('<meta http-equiv="refresh" content="60;url=/snort/snort_blocked.php" />\n');
 
 /* Display Alert message */
 if ($input_errors) {
@@ -321,14 +321,14 @@
 					$rdns_link .= "<i class=\"fa fa-search icon-pointer\" onclick=\"javascript:resolve_with_ajax('{$blocked_ip}');\" title=\"";
 					$rdns_link .= gettext("Resolve host via reverse DNS lookup") . "\" alt=\"Icon Reverse Resolve with DNS\"></i>";
 
-					/* use one echo to do the magic*/
-						echo "<tr class=\"text-nowrap\">
+					/* print the table row */
+						print("<tr class=\"text-nowrap\">
 							<td>{$counter}</td>
 							<td style=\"word-wrap:break-word; white-space:normal\">{$tmp_ip}<br/>{$rdns_link}</td>
 							<td style=\"word-wrap:break-word; white-space:normal\">{$blocked_desc}</td>
 							<td><i class=\"fa fa-times icon-pointer text-danger\" onClick=\"$('#ip').val('{$blocked_ip}');$('#mode').val('todelete');$('#formblock').submit();\" 
 							 title=\"" . gettext("Delete host from Blocked Table") . "\"></i></td>
-						</tr>\n";
+						</tr>\n");
 				}
 			}
 			?>

From 1b6acb25189b9d137b467ab51934be9d44d6ceeb Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 15:37:12 -0500
Subject: [PATCH 06/11] Fix auto-update and other issues with Snort Alerts
 Widget.

---
 .../www/widgets/javascript/snort_alerts.js    | 68 +++++--------------
 .../widgets/widgets/snort_alerts.widget.php   | 44 ++++++++----
 2 files changed, 45 insertions(+), 67 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/widgets/javascript/snort_alerts.js b/security/pfSense-pkg-snort/files/usr/local/www/widgets/javascript/snort_alerts.js
index 8133b92876b6..2f5dee065665 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/widgets/javascript/snort_alerts.js
+++ b/security/pfSense-pkg-snort/files/usr/local/www/widgets/javascript/snort_alerts.js
@@ -3,58 +3,21 @@ var snorttimer;
 var snortisBusy = false;
 var snortisPaused = false;
 
-if (typeof getURL == 'undefined') {
-	getURL = function(url, callback) {
-		if (!url)
-			throw 'No URL for getURL';
-		try {
-			if (typeof callback.operationComplete == 'function')
-				callback = callback.operationComplete;
-		} catch (e) {}
-			if (typeof callback != 'function')
-				throw 'No callback function for getURL';
-		var http_request = null;
-		if (typeof XMLHttpRequest != 'undefined') {
-		    http_request = new XMLHttpRequest();
-		}
-		else if (typeof ActiveXObject != 'undefined') {
-			try {
-				http_request = new ActiveXObject('Msxml2.XMLHTTP');
-			} catch (e) {
-				try {
-					http_request = new ActiveXObject('Microsoft.XMLHTTP');
-				} catch (e) {}
-			}
-		}
-		if (!http_request)
-			throw 'Both getURL and XMLHttpRequest are undefined';
-		http_request.onreadystatechange = function() {
-			if (http_request.readyState == 4) {
-				callback( { success : true,
-				  content : http_request.responseText,
-				  contentType : http_request.getResponseHeader("Content-Type") } );
-			}
-		}
-		http_request.open('GET', url, true);
-		http_request.send(null);
-	}
-}
-
 function snort_alerts_fetch_new_events_callback(callback_data) {
 	var data_split;
 	var new_data_to_add = Array();
-	var data = callback_data.content;
-	data_split = data.split("\n");
+	data_split = callback_data.split("\n");
 
 	// Loop through rows and generate replacement HTML
 	for(var x=0; x<data_split.length-1; x++) {
 		row_split = data_split[x].split("||");
 		var line = '';
-		line =  '<td class="listMRr">' + row_split[0] + '<br/>' + row_split[1] + '</td>';		
-		line += '<td class="listMRr" style="overflow: hidden; text-overflow: ellipsis;" nowrap>';
+		line =  '<td style="overflow: hidden; text-overflow: ellipsis;" nowrap>';
+		line += row_split[0] + '<br/>' + row_split[1] + '</td>';		
+		line += '<td style="overflow: hidden; text-overflow: ellipsis;" nowrap>';
 		line += '<div style="display:inline;" title="' + row_split[2] + '">' + row_split[2] + '</div><br/>';
 		line += '<div style="display:inline;" title="' + row_split[3] + '">' + row_split[3] + '</div></td>';
-		line += '<td class="listMRr"><div style="display: fixed; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical; line-height: 1.2em; max-height: 2.4em; overflow: hidden; text-overflow: ellipsis;" title="' + row_split[4] + '">' + row_split[4] + '</div></td>';
+		line += '<td><div style="display: fixed; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical; line-height: 1.2em; max-height: 2.4em; overflow: hidden; text-overflow: ellipsis;" title="' + row_split[4] + '">' + row_split[4] + '</div></td>';
 		new_data_to_add[new_data_to_add.length] = line;
 	}
 	snort_alerts_update_div_rows(new_data_to_add);
@@ -65,7 +28,7 @@ function snort_alerts_update_div_rows(data) {
 	if(snortisPaused)
 		return;
 
-	var rows = $$('#snort-alert-entries>tr');
+	var rows = $('#snort-alert-entries>tr');
 
 	// Number of rows to move by
 	var move = rows.length + data.length - snort_nentries;
@@ -76,7 +39,7 @@ function snort_alerts_update_div_rows(data) {
 		rows[i].innerHTML = rows[i - move].innerHTML;
 	}
 
-	var tbody = $$('#snort-alert-entries');
+	var tbody = $('#snort-alert-entries');
 	for (var i = data.length - 1; i >= 0; i--) {
 		if (i < rows.length) {
 			rows[i].innerHTML = data[i];
@@ -85,13 +48,6 @@ function snort_alerts_update_div_rows(data) {
 			newRow.innerHTML = data[i];
 		}
 	}
-
-	// Add the even/odd class to each of the rows now
-	// they have all been added.
-	rows = $$('#snort-alert-entries>tr');
-	for (var i = 0; i < rows.length; i++) {
-		rows[i].className = i % 2 == 0 ? snortWidgetRowOddClass : snortWidgetRowEvenClass;
-	}
 }
 
 function fetch_new_snortalerts() {
@@ -100,7 +56,15 @@ function fetch_new_snortalerts() {
 	if(snortisBusy)
 		return;
 	snortisBusy = true;
-	getURL('/widgets/widgets/snort_alerts.widget.php?getNewAlerts=' + new Date().getTime(), snort_alerts_fetch_new_events_callback);
+
+	$.ajax({
+		url: '/widgets/widgets/snort_alerts.widget.php',
+		type: 'GET',
+		data: {
+			getNewAlerts: new Date().getTime()
+		      },
+		success: snort_alerts_fetch_new_events_callback
+	});
 }
 
 function snort_alerts_toggle_pause() {
diff --git a/security/pfSense-pkg-snort/files/usr/local/www/widgets/widgets/snort_alerts.widget.php b/security/pfSense-pkg-snort/files/usr/local/www/widgets/widgets/snort_alerts.widget.php
index 83a0e8d6f804..166f7faccd42 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/widgets/widgets/snort_alerts.widget.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/widgets/widgets/snort_alerts.widget.php
@@ -83,7 +83,7 @@ function sksort(&$array, $subkey="id", $sort_ascending=false) {
 	$s_alerts = snort_widget_get_alerts();
 	$counter = 0;
 	foreach ($s_alerts as $a) {
-		$response .= $a['instanceid'] . " " . $a['dateonly'] . "||" . $a['timeonly'] . "||" . $a['src'] . "||";
+		$response .= $a['instanceid'] . "||" . $a['dateonly'] . " " . $a['timeonly'] . "||" . $a['src'] . "||";
 		$response .= $a['dst'] . "||" . $a['msg'] . "\n";
 		$counter++;
 		if($counter >= $snort_nentries)
@@ -134,7 +134,7 @@ function snort_widget_get_alerts() {
 						continue;
 
 					// Get the Snort interface this alert was received from
-					$snort_alerts[$counter]['instanceid'] = strtoupper($a_instance[$instanceid]['interface']);
+					$snort_alerts[$counter]['instanceid'] = convert_friendly_interface_to_friendly_descr($a_instance[$instanceid]['interface']);
 
 					// "fields[0]" is the complete timestamp in ASCII form. Convert
 					// to a UNIX timestamp so we can use it for various date and
@@ -191,7 +191,7 @@ function snort_widget_get_alerts() {
 	</colgroup>
 	<thead>
 		<tr>
-			<th><?=gettext("IF/Date");?></th>
+			<th><?=gettext("Interface/Time");?></th>
 			<th><?=gettext("Src/Dst Address");?></th>
 			<th><?=gettext("Description");?></th>
 		</tr>
@@ -202,12 +202,21 @@ function snort_widget_get_alerts() {
 		$counter=0;
 		if (is_array($snort_alerts)) {
 			foreach ($snort_alerts as $alert) {
-				$alertRowClass = $counter % 2 ? $alertRowEvenClass : $alertRowOddClass;
-				echo("	<tr class='" . $alertRowClass . "'>
-				<td class='listMRr'>" . $alert['instanceid'] . "&nbsp;" . $alert['dateonly'] . "<br/>" . $alert['timeonly'] . "</td>
-				<td class='listMRr' style='overflow: hidden; text-overflow: ellipsis;' nowrap><div style='display:inline;' title='" . $alert['src'] . "'>" . $alert['src'] . "</div><br/><div style='display:inline;' title='" . $alert['dst'] . "'>" . $alert['dst'] . "</div></td>
-				<td class='listMRr'><div style='display: fixed; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical; line-height: 1.2em; max-height: 2.4em; overflow: hidden; text-overflow: ellipsis;' title='{$alert['msg']}'>" . $alert['msg'] . "</div></td></tr>");
-				$counter++;
+	?>			
+				<tr>
+					<td style="overflow: hidden; text-overflow: ellipsis;" nowrap><?=$alert['instanceid']; ?><br/>
+						<?=$alert['dateonly']; ?> <?=$alert['timeonly']; ?>
+					</td>
+					<td style="overflow: hidden; text-overflow: ellipsis;" nowrap>
+						<div style="display:inline;" title="<?=$alert['src']; ?>"><?=$alert['src']; ?></div><br/>
+						<div style="display:inline;" title="<?=$alert['dst']; ?>"><?=$alert['dst']; ?></div>
+					</td>
+					<td><div style="display: fixed; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical; 
+						line-height: 1.2em; max-height: 2.4em; overflow: hidden; text-overflow: ellipsis;" 
+						title="<?=$alert['msg']; ?>"><?=$alert['msg']; ?></div>
+					</td>
+				</tr>
+	<?php			$counter++;
 				if($counter >= $snort_nentries)
 					break;
 			}
@@ -222,18 +231,23 @@ function snort_widget_get_alerts() {
 <div id="widget-<?=$widgetname?>_panel-footer" class="panel-footer collapse">
 	<input type="hidden" id="snort_alerts-config" name="snort_alerts-config" value="" />
 		<form action="/widgets/widgets/snort_alerts.widget.php" method="post" name="iformd" class="form-horizontal">
-			Enter number of recent alerts to display (default is 5)<br/>
-			<input type="text" size="5" name="widget_snort_display_lines" class="form-control" id="widget_snort_display_lines" value="<?= $config['widgets']['widget_snort_display_lines'] ?>" />
-			&nbsp;&nbsp;<input id="submitd" name="submitd" type="submit" class="formbtn" value="Save" />
+			<div class="form-group">
+				<label for="widget_snort_display_lines" class="col-sm-4 control-label"><?=gettext('Alerts to Display:')?></label>
+				<div class="col-sm-3">
+					<input type="number" name="widget_snort_display_lines" class="form-control" id="widget_snort_display_lines" 
+					value="<?= $config['widgets']['widget_snort_display_lines'] ?>" placeholder="5" min="1" max="20" />
+				</div>
+				<div class="col-sm-3">
+					<button id="submitd" name="submitd" type="submit" class="btn btn-sm btn-primary"><?=gettext('Save')?></button>
+				</div>
+			</div>
 		</form>
 
 <script type="text/javascript">
 //<![CDATA[
 <!-- needed in the snort_alerts.js file code -->
-	var snortupdateDelay = 10000; // update every 10 seconds
+	var snortupdateDelay = 5000; // update every 5 seconds
 	var snort_nentries = <?=$snort_nentries;?>; // number of alerts to display (5 is default)
-	var snortWidgetRowEvenClass = "<?=$alertRowEvenClass;?>"; // allows alternating background
-	var snortWidgetRowOddClass = "<?=$alertRowOddClass;?>"; // allows alternating background
 
 <!-- needed to display the widget settings menu -->
 	selectIntLink = "snort_alerts-configure";

From bfc78bdc6d73433edce21e82a74698290e0a999a Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 16:13:24 -0500
Subject: [PATCH 07/11] Tidy up Snort package install messages and remove
 useless file move.

---
 .../files/usr/local/pkg/snort/snort.inc       |  4 +-
 .../local/pkg/snort/snort_post_install.php    | 45 ++++++-------------
 2 files changed, 16 insertions(+), 33 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc
index 5cdd5a00bac9..715edb8d9747 100644
--- a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc
+++ b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc
@@ -3685,11 +3685,11 @@ function snort_remove_dead_rules() {
 	$cats = array();
 
 	// If there is no "deprecated_rules" file, then exit
-	if (!file_exists("{$rulesdir}deprecated_rules"))
+	if (!file_exists("/usr/local/pkg/snort/deprecated_rules"))
 		return;
 
 	// Open a SplFileObject to read in deprecated rules
-	$file = new SplFileObject("{$rulesdir}/deprecated_rules");
+	$file = new SplFileObject("/usr/local/pkg/snort/deprecated_rules");
 	$file->setFlags(SplFileObject::READ_AHEAD | SplFileObject::SKIP_EMPTY | SplFileObject::DROP_NEW_LINE);
 	while (!$file->eof()) {
 		$line = $file->fgets();
diff --git a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php
index 486cd462d763..3b036f760b08 100644
--- a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php
+++ b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php
@@ -5,7 +5,7 @@
  * Copyright (C) 2006 Scott Ullrich
  * Copyright (C) 2009-2010 Robert Zelaya
  * Copyright (C) 2011-2012 Ermal Luci
- * Copyright (C) 2013-2014 Bill Meeks
+ * Copyright (C) 2013-2016 Bill Meeks
  * part of pfSense
  * All rights reserved.
  *
@@ -85,9 +85,6 @@
 @rename("{$snortdir}/gen-msg.map-sample", "{$snortdir}/gen-msg.map");
 //@rename("{$snortdir}/attribute_table.dtd-sample", "{$snortdir}/attribute_table.dtd");
 
-/* Move deprecated_rules file to SNORTDIR/rules directory */
-@rename("/usr/local/pkg/snort/deprecated_rules", "{$snortdir}/rules/deprecated_rules");
-
 /* fix up the preprocessor rules filenames from a PBI package install */
 $preproc_rules = array("decoder.rules", "preprocessor.rules", "sensitive-data.rules");
 foreach ($preproc_rules as $file) {
@@ -142,7 +139,7 @@
 /* remake saved settings */
 if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
 	log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings..."));
-	update_status(gettext("Saved settings detected..."));
+	update_status(gettext("Saved settings detected...") . "\n");
 
 	/****************************************************************/
 	/* Do test and fix for duplicate UUIDs if this install was      */
@@ -180,16 +177,13 @@
 	/****************************************************************/
 
 	/* Do one-time settings migration for new multi-engine configurations */
-	$static_output .= gettext("\nMigrating settings to new configuration...");
-	update_output_window($static_output);
+	update_status(gettext("Migrating settings to new configuration..."));
 	include('/usr/local/pkg/snort/snort_migrate_config.php');
-	$static_output .= gettext(" done.\n");
-	update_output_window($static_output);
+	update_status(gettext(" done.") . "\n");
 	log_error(gettext("[Snort] Downloading and updating configured rule sets..."));
-	if ($pkg_interface <> "console")
-		$snort_gui_include = true;
 	include('/usr/local/pkg/snort/snort_check_for_rule_updates.php');
-	update_status(gettext("Generating snort.conf configuration file from saved settings..."));
+	update_status(gettext(" done.") . "\n");
+	update_status(gettext("Generating snort.conf configuration file from saved settings...") . "\n");
 	$rebuild_rules = true;
 	conf_mount_rw();
 
@@ -199,8 +193,7 @@
 		$if_real = get_real_interface($snortcfg['interface']);
 		$snort_uuid = $snortcfg['uuid'];
 		$snortcfgdir = "{$snortdir}/snort_{$snort_uuid}_{$if_real}";
-		$static_output .= gettext("Generating configuration for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "...");
-		update_output_window($static_output);
+		update_status(gettext("Generating configuration for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "..."));
 
 		// Pull in the PHP code that generates the snort.conf file
 		// variables that will be substituted further down below.
@@ -227,16 +220,13 @@
 		if ($snortcfg['barnyard_enable'] == 'on')
 			snort_generate_barnyard2_conf($snortcfg, $if_real);
 
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 	}
 
 	/* create snort bootup file snort.sh */
-	$static_output .= gettext("Generating snort.sh script in {$rcdir}...");
-	update_output_window($static_output);
+	update_status(gettext("Generating snort.sh script in {$rcdir}..."));
 	snort_create_rc();
-	$static_output .= gettext(" done.\n");
-	update_output_window($static_output);
+	update_status(gettext(" done.") . "\n");
 
 	/* Set Log Limit, Block Hosts Time and Rules Update Time */
 	snort_snortloglimit_install_cron(true);
@@ -249,22 +239,15 @@
 		$config['widgets']['sequence'] .= "," . $config['installedpackages']['snortglobal']['dashboard_widget'];
 
 	$rebuild_rules = false;
-	if ($pkg_interface <> "console")
-		update_output_window(gettext("Finished rebuilding Snort configuration files..."));
+	update_status(gettext("Finished rebuilding Snort configuration files...") . "\n");
 	log_error(gettext("[Snort] Finished rebuilding installation from saved settings..."));
 
 	/* Only try to start Snort if not in reboot */
 	if (!($g['booting'])) {
-		if ($pkg_interface <> "console") {
-			update_status(gettext("Starting Snort using rebuilt configuration..."));
-			$static_output .= gettext("Starting Snort as a background task using the rebuilt configuration... ");
-			mwexec_bg("{$rcdir}snort.sh start");
-			update_output_window($static_output);
-		}
-		else
-			mwexec_bg("{$rcdir}snort.sh start");
+		update_status(gettext("Starting Snort using rebuilt configuration..."));
+		mwexec_bg("{$rcdir}snort.sh start");
+		update_status(gettext(" done.") . "\n");
 	}
-	update_status("");
 }
 
 /* We're finished with conf partition mods, return to read-only */

From 32150e96cb38263a3fee40aa92d127fcac9ee43f Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 21:12:26 -0500
Subject: [PATCH 08/11] Implement temp workaround to show rule pkg update
 progress on UPDATES tab.

---
 .../files/usr/local/pkg/snort/snort.inc       |   2 +-
 .../snort/snort_check_for_rule_updates.php    | 139 ++++-----------
 .../www/snort/snort_download_updates.php      | 158 +++++++++++-------
 3 files changed, 133 insertions(+), 166 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc
index 715edb8d9747..ca16b11951f5 100644
--- a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc
+++ b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc
@@ -34,7 +34,7 @@
 require_once("pfsense-utils.inc");
 require_once("config.inc");
 require_once("functions.inc");
-require_once("service-utils.inc");
+require_once("service-utils.inc"); // Need this to get RCFILEPREFIX definition
 require_once("pkg-utils.inc");
 require_once("filter.inc");
 require("/usr/local/pkg/snort/snort_defs.inc");
diff --git a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_check_for_rule_updates.php b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_check_for_rule_updates.php
index 929ddad17aff..05ae77859d41 100644
--- a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_check_for_rule_updates.php
+++ b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_check_for_rule_updates.php
@@ -5,7 +5,7 @@
  * Copyright (C) 2006 Scott Ullrich
  * Copyright (C) 2009 Robert Zelaya
  * Copyright (C) 2011-2012 Ermal Luci
- * Copyright (C) 2013-2015 Bill Meeks
+ * Copyright (C) 2013-2016 Bill Meeks
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -35,7 +35,7 @@
 require_once("/usr/local/pkg/snort/snort.inc");
 require("/usr/local/pkg/snort/snort_defs.inc");
 
-global $g, $config, $pkg_interface, $snort_gui_include, $rebuild_rules, $static_output;
+global $g, $config, $rebuild_rules;
 
 $snortdir = SNORTDIR;
 $snortlibdir = SNORT_PBI_BASEDIR . "lib";
@@ -44,13 +44,6 @@
 $snortbindir = SNORT_PBI_BINDIR;
 $mounted_rw = FALSE;
 
-/* Save the state of $pkg_interface so we can restore it */
-$pkg_interface_orig = $pkg_interface;
-if ($snort_gui_include)
-	$pkg_interface = "";
-else
-	$pkg_interface = "console";
-
 /* define checks */
 $oinkid = $config['installedpackages']['snortglobal']['oinkmastercode'];
 $etproid = $config['installedpackages']['snortglobal']['etpro_code'];
@@ -128,7 +121,7 @@ function snort_download_file_url($url, $file_out) {
 	/* It provides logging of returned CURL errors. */
 	/************************************************/
 
-	global $g, $config, $pkg_interface, $last_curl_error, $fout, $ch, $file_size, $downloaded, $first_progress_update;
+	global $g, $config, $last_curl_error, $fout, $ch, $file_size, $downloaded, $first_progress_update;
 
 	$rfc2616 = array(
 			100 => "100 Continue",
@@ -190,7 +183,7 @@ function snort_download_file_url($url, $file_out) {
 		// NOTE: required to suppress errors from XMLRPC due to progress bar output
 		// and to prevent useless spam from rules update cron job execution.  This
 		// prevents progress bar output during package sync and rules update cron task. 
-		if ($g['snort_sync_in_progress'] || $pkg_interface == "console")
+		if ($g['snort_sync_in_progress'])
 			curl_setopt($ch, CURLOPT_HEADER, false);
 		else {
 			curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
@@ -201,7 +194,7 @@ function snort_download_file_url($url, $file_out) {
 		curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36");
 		curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2, TLSv1");
 		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
-		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
 		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15);
 		curl_setopt($ch, CURLOPT_TIMEOUT, 0);
 
@@ -266,56 +259,45 @@ function snort_check_rule_md5($file_url, $file_dst, $desc = "") {
 	/*           error occurred.                              */
 	/**********************************************************/
 
-	global $last_curl_error, $update_errors, $static_output;
+	global $last_curl_error, $update_errors;
 
 	$snortdir = SNORTDIR;
 	$filename_md5 = basename($file_dst);
 
 	update_status(gettext("Downloading {$desc} md5 file..."));
-	$static_output .= gettext("Downloading {$desc} md5 file...");
-	update_output_window($static_output);
 	error_log(gettext("\tDownloading {$desc} md5 file {$filename_md5}...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	$rc = snort_download_file_url($file_url, $file_dst);
 
 	// See if download from URL was successful
 	if ($rc === true) {
-		update_status(gettext("Done downloading {$filename_md5}."));
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 		error_log("\tChecking {$desc} md5 file...\n", 3, SNORT_RULES_UPD_LOGFILE);
-		$static_output .= gettext("Checking {$desc} md5 file...");
-		update_output_window($static_output);
+		update_status(gettext("Checking {$desc} md5 file..."));
 
 		// check md5 hash in new file against current file to see if new download is posted
 		if (file_exists("{$snortdir}/{$filename_md5}")) {
 			$md5_check_new = file_get_contents($file_dst);
 			$md5_check_old = file_get_contents("{$snortdir}/{$filename_md5}");
-			$static_output .= gettext(" done.\n");
-			update_output_window($static_output);
+			update_status(gettext(" done.") . "\n");
 			if ($md5_check_new == $md5_check_old) {
-				update_status(gettext("{$desc} are up to date..."));
+				update_status(gettext("{$desc} are current. No update required.") . "\n");
 				log_error(gettext("[Snort] {$desc} are up to date..."));
 				error_log(gettext("\t{$desc} are up to date.\n"), 3, SNORT_RULES_UPD_LOGFILE);
-				$static_output .= gettext("{$desc} are current. No update required.\n");
-				update_output_window($static_output);
 				return false;
 			}
 			else {
 				return true;
 			}
 		}
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 		return true;
 	}
 	else {
 		error_log(gettext("\t{$desc} md5 download failed.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		$snort_err_msg = gettext("Server returned error code {$rc}.");
-		update_status(gettext("{$desc} md5 error ... Server returned error code {$rc} ..."));
-		$static_output .= gettext(" FAILED!\n");
-		update_output_window($static_output);
-		$static_output .= gettext("{$desc} will not be updated.\n{$snort_err_msg}\n");
-		update_output_window($static_output); 
+		update_status(gettext(" FAILED!") . "\n");
+		update_status(gettext("{$desc} md5 error ... Server returned error code {$rc} ...") . "\n");
+		update_status(gettext("{$desc} will not be updated.\n{$snort_err_msg}") . "\n");
 		log_error(gettext("[Snort] {$desc} md5 download failed..."));
 		log_error(gettext("[Snort] Server returned error code {$rc}..."));
 		error_log(gettext("\t{$snort_err_msg}\n"), 3, SNORT_RULES_UPD_LOGFILE);
@@ -345,31 +327,26 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 	/*           FALSE if download was not successful.        */
 	/**********************************************************/
 
-	global $last_curl_error, $update_errors, $static_output;
+	global $last_curl_error, $update_errors;
 
 	$snortdir = SNORTDIR;
 	$filename = basename($file_dst);
 
-	update_status(gettext("There is a new set of {$desc} posted. Downloading..."));
+	update_status(gettext("There is a new set of {$desc} posted.\nDownloading {$filename}..."));
 	log_error(gettext("[Snort] There is a new set of {$desc} posted. Downloading {$filename}..."));
 	error_log(gettext("\tThere is a new set of {$desc} posted.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	error_log(gettext("\tDownloading file '{$filename}'...\n"), 3, SNORT_RULES_UPD_LOGFILE);
-	$static_output .= gettext("There is a new set of {$desc} posted.\nDownloading {$filename}...");
-	update_output_window($static_output); 
        	$rc = snort_download_file_url($file_url, $file_dst);
 
 	// See if the download from the URL was successful
 	if ($rc === true) {
-		update_status(gettext("Done downloading {$desc} file."));
+		update_status(gettext(" done.") . "\n");
 		log_error("[Snort] {$desc} file update downloaded successfully");
 		error_log(gettext("\tDone downloading rules file.\n"),3, SNORT_RULES_UPD_LOGFILE);
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
 	
 		// Test integrity of the rules file.  Turn off update if file has wrong md5 hash
 		if ($file_md5 != trim(md5_file($file_dst))){
-			$static_output .= gettext("{$desc} file MD5 checksum failed...\n");
-			update_output_window($static_output);
+			update_status(gettext("{$desc} file MD5 checksum failed...") . "\n");
 			log_error(gettext("[Snort] {$desc} file download failed.  Bad MD5 checksum..."));
         	        log_error(gettext("[Snort] Downloaded File MD5: " . md5_file($file_dst)));
 			log_error(gettext("[Snort] Expected File MD5: {$file_md5}"));
@@ -383,20 +360,16 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 		return true;
 	}
 	else {
-		$static_output .= gettext(" FAILED!\n");
-		update_output_window($static_output);
-		$static_output .= gettext("{$desc} file download failed... server returned error '{$rc}'.\n");
-		update_output_window($static_output); 
+		update_status(gettext(" FAILED!") . "\n");
+		update_status(gettext("{$desc} file download failed... server returned error '{$rc}'.") . "\n");
 		log_error(gettext("[Snort] {$desc} file download failed... server returned error '{$rc}'..."));
 		error_log(gettext("\t{$desc} file download failed.  Server returned error {$rc}.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		error_log(gettext("\tThe error text was: {$last_curl_error}\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		error_log(gettext("\t{$desc} will not be updated.\n"), 3, SNORT_RULES_UPD_LOGFILE);
-		$static_output .= gettext("{$desc} will not be updated.\n");
-		update_output_window($static_output);
+		update_status(gettext("{$desc} will not be updated.") . "\n");
 		$update_errors = true;
 		return false;
 	}
-
 }
 
 /**********************/
@@ -479,8 +452,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 /* Untar Snort rules file to tmp and install the rules */
 if ($snortdownload == 'on') {
 	if (file_exists("{$tmpfname}/{$snort_filename}")) {
-		$static_output .= gettext("Installing Sourcefire VRT rules...");
-		update_output_window($static_output);
+		update_status(gettext("Installing Sourcefire VRT rules..."));
 
 		/* Currently, only FreeBSD-8-1, FreeBSD-9-0 and FreeBSD-10-0 precompiled SO rules exist from Snort.org */
 		/* Default to FreeBSD 8.1, and then test for FreeBSD 9.x  or FreeBSD 10.x */
@@ -491,11 +463,9 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 			$freebsd_version_so = 'FreeBSD-10-0';
 
 		/* Remove the old Snort rules files */
-		update_status(gettext("Removing old Snort VRT rules..."));
 		$vrt_prefix = VRT_FILE_PREFIX;
 		unlink_if_exists("{$snortdir}/rules/{$vrt_prefix}*.rules");
 
-		update_status(gettext("Extracting new Snort VRT rules..."));
 		error_log(gettext("\tExtracting and installing Snort VRT rules...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		/* extract snort.org rules and add VRT_FILE_PREFIX prefix to all snort.org files */
 		safe_mkdir("{$tmpfname}/snortrules");
@@ -513,7 +483,6 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 		}
 		rmdir_recursive("{$tmpfname}/snortrules");
 		/* Extract the Snort preprocessor rules */
-		update_status(gettext("Extracting preprocessor rules files..."));
 		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$tmpfname} preproc_rules/");
 		$files = glob("{$tmpfname}/preproc_rules/*.rules");
 		foreach ($files as $file) {
@@ -522,7 +491,6 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 		}
 		rmdir_recursive("{$tmpfname}/preproc_rules");
 		/* extract so rules */
-		update_status(gettext("Extracting Snort VRT Shared Objects rules..."));
 		error_log(gettext("\tUsing Snort VRT precompiled SO rules for {$freebsd_version_so} ...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		$snort_arch = php_uname("m");
 		$nosorules = false;
@@ -537,7 +505,6 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 		rmdir_recursive("{$tmpfname}/so_rules/");
 		if ($nosorules == false) {
 			/* extract Shared Object stub rules, rename and copy to the rules folder. */
-		        update_status(gettext("Copying Snort VRT Shared Objects rules..."));
 			exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$tmpfname} --exclude precompiled/ --exclude src/ so_rules/");
 			$files = glob("{$tmpfname}/so_rules/*.rules");
 			foreach ($files as $file) {
@@ -547,7 +514,6 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 			rmdir_recursive("{$tmpfname}/so_rules/");
 		}
 		/* extract base etc files */
-	        update_status(gettext("Extracting Snort VRT config and map files..."));
 		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$tmpfname} etc/");
 		foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
 			if (file_exists("{$tmpfname}/etc/{$file}"))
@@ -558,9 +524,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 			update_status(gettext("Copying md5 signature to snort directory..."));
 			@copy("{$tmpfname}/{$snort_filename_md5}", "{$snortdir}/{$snort_filename_md5}");
 		}
-		update_status(gettext("Extraction of Snort VRT rules completed..."));
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 		error_log(gettext("\tInstallation of Snort VRT rules completed.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	}
 }
@@ -569,8 +533,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 if ($openappid_detectors == 'on') {
 	// If we have a valid downloaded file, then first cleanup the old directory
 	if (file_exists("{$tmpfname}/{$snort_openappid_filename}")) {
-		update_status(gettext("Extracting Snort OpenAppID detectors..."));
-		$static_output .= gettext("Installing Snort OpenAppID detectors...");
+		update_status(gettext("Installing Snort OpenAppID detectors..."));
 		$snort_openappid_path = SNORT_APPID_ODP_PATH;
 		rmdir_recursive("{$snort_openappid_path}odp");
 		error_log(gettext("\tExtracting and installing Snort OpenAppID detectors...\n"), 3, SNORT_RULES_UPD_LOGFILE);
@@ -585,9 +548,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 			safe_mkdir("{$snort_openappid_path}custom/lua");
 			touch("{$snort_openappid_path}custom/userappid.conf");
 		}
-		update_status(gettext("Extraction of Snort OpenAppID detectors completed..."));
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 		unlink_if_exists("{$tmpfname}/{$snort_openappid_filename}");
 		error_log(gettext("\tInstallation of Snort OpenAppID detectors completed.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	}
@@ -597,9 +558,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 if ($snortcommunityrules == 'on') {
 	safe_mkdir("{$tmpfname}/community");
 	if (file_exists("{$tmpfname}/{$snort_community_rules_filename}")) {
-		update_status(gettext("Extracting Snort GPLv2 Community Rules..."));
-		$static_output .= gettext("Installing Snort GPLv2 Community Rules...\n");
-		update_output_window($static_output);
+		update_status(gettext("Installing Snort GPLv2 Community Rules..."));
 		error_log(gettext("\tExtracting and installing Snort GPLv2 Community Rules...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		exec("/usr/bin/tar xzf {$tmpfname}/{$snort_community_rules_filename} -C {$tmpfname}/community/");
 
@@ -615,12 +574,9 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 		}
 		/*  Copy snort community md5 sig to snort dir */
 		if (file_exists("{$tmpfname}/{$snort_community_rules_filename_md5}")) {
-			update_status(gettext("Copying md5 signature to snort directory..."));
 			@copy("{$tmpfname}/{$snort_community_rules_filename_md5}", "{$snortdir}/{$snort_community_rules_filename_md5}");
 		}
-		update_status(gettext("Extraction of Snort GPLv2 Community Rules completed..."));
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 		error_log(gettext("\tInstallation of Snort GPLv2 Community Rules completed.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		rmdir_recursive("{$tmpfname}/community/");
 	}
@@ -630,23 +586,19 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 if ($emergingthreats == 'on') {
 	safe_mkdir("{$tmpfname}/emerging");
 	if (file_exists("{$tmpfname}/{$emergingthreats_filename}")) {
-		update_status(gettext("Extracting {$et_name} rules..."));
-		$static_output .= gettext("Installing {$et_name} rules...");
-		update_output_window($static_output);
+		update_status(gettext("Installing {$et_name} rules..."));
 		error_log(gettext("\tExtracting and installing {$et_name} rules...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		exec("/usr/bin/tar xzf {$tmpfname}/{$emergingthreats_filename} -C {$tmpfname}/emerging rules/");
 
 		/* Remove the old Emerging Threats rules files */
 		$eto_prefix = ET_OPEN_FILE_PREFIX;
 		$etpro_prefix = ET_PRO_FILE_PREFIX;
-		update_status(gettext("Removing old {$et_name} files..."));
 		unlink_if_exists("{$snortdir}/rules/{$eto_prefix}*.rules");
 		unlink_if_exists("{$snortdir}/rules/{$etpro_prefix}*.rules");
 		unlink_if_exists("{$snortdir}/rules/{$eto_prefix}*ips.txt");
 		unlink_if_exists("{$snortdir}/rules/{$etpro_prefix}*ips.txt");
 
 		$files = glob("{$tmpfname}/emerging/rules/*.rules");
-		update_status(gettext("Copying new {$et_name} files..."));
 		foreach ($files as $file) {
 			$newfile = basename($file);
 			if ($etpro == "on")
@@ -678,9 +630,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
 			update_status(gettext("Copying md5 signature to snort directory..."));
 			@copy("{$tmpfname}/{$emergingthreats_filename_md5}", "{$snortdir}/{$emergingthreats_filename_md5}");
 		}
-		update_status(gettext("Extraction of {$et_name} rules completed..."));
-		$static_output .= gettext(" done.\n");
-		update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
 		error_log(gettext("\tInstallation of {$et_name} rules completed.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		rmdir_recursive("{$tmpfname}/emerging/");
 	}
@@ -719,7 +669,6 @@ function snort_apply_customizations($snortcfg, $if_real) {
 
 if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules == 'on') {
 
-	update_status(gettext('Copying new config and map files...'));
 	error_log(gettext("\tCopying new config and map files...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 
 	/******************************************************************/
@@ -766,8 +715,6 @@ function snort_apply_customizations($snortcfg, $if_real) {
 			$if_real = get_real_interface($value['interface']);
 			$tmp = "Updating rules configuration for: " . convert_friendly_interface_to_friendly_descr($value['interface']) . " ...";
 			update_status(gettext($tmp));
-			$static_output .= gettext($tmp . "...");
-			update_output_window($static_output);
 
 			// Make sure the interface subdirectory and required sub-directories exists.
 			// We need to re-create them during a pkg reinstall for the intial rules set
@@ -790,14 +737,11 @@ function snort_apply_customizations($snortcfg, $if_real) {
 				$tmp .= convert_friendly_interface_to_friendly_descr($value['interface']) . "...\n";
 			}
 			error_log($tmp, 3, SNORT_RULES_UPD_LOGFILE);
-			$static_output .= gettext(" done.\n");
-			update_output_window($static_output);
+			update_status(gettext(" done.") . "\n");
 		}
 	}
 	else {
-		$static_output .= gettext("Warning:  No interfaces configured for Snort were found...\n");
-		$static_output .= gettext("No interfaces currently have Snort configured and enabled on them.\n");
-	        update_output_window($static_output);
+		update_status(gettext("Warning:  No interfaces configured for Snort were found...") . "\n");
 		error_log(gettext("\tWarning:  No interfaces configured for Snort were found...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	}
 
@@ -807,15 +751,12 @@ function snort_apply_customizations($snortcfg, $if_real) {
 	/* Restart snort if running, and not in post-install, so as to pick up the new rules. */
        	if (!$g['snort_postinstall'] && is_service_running("snort") && count($config['installedpackages']['snortglobal']['rule']) > 0) {
 		update_status(gettext('Restarting Snort to activate the new set of rules...'));
-		$static_output .= gettext("Restarting Snort...");
-		update_output_window($static_output);
 		error_log(gettext("\tRestarting Snort to activate the new set of rules...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		touch("{$g['varrun_path']}/snort_pkg_starting.lck");
 		snort_restart_all_interfaces(TRUE);
 		sleep(3);
 		unlink_if_exists("{$g['varrun_path']}/snort_pkg_starting.lck");
-		$static_output .= gettext(" done.\n");
-	        update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
        		log_error(gettext("[Snort] Snort has restarted with your new set of rules..."));
 		error_log(gettext("\tSnort has restarted with your new set of rules.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	}
@@ -827,15 +768,12 @@ function snort_apply_customizations($snortcfg, $if_real) {
 	/**************************************************************************************/
        	if (!$g['snort_postinstall'] && is_service_running("snort") && count($config['installedpackages']['snortglobal']['rule']) > 0) {
 		update_status(gettext('Restarting Snort to activate the new OpenAppID detectors...'));
-		$static_output .= gettext("Restarting Snort...");
-		update_output_window($static_output);
 		error_log(gettext("\tRestarting Snort to activate the new OpenAppID detectors...\n"), 3, SNORT_RULES_UPD_LOGFILE);
 		touch("{$g['varrun_path']}/snort_pkg_starting.lck");
 		snort_restart_all_interfaces(TRUE);
 		sleep(2);
 		unlink_if_exists("{$g['varrun_path']}/snort_pkg_starting.lck");
-		$static_output .= gettext(" done.\n");
-	        update_output_window($static_output);
+		update_status(gettext(" done.") . "\n");
        		log_error(gettext("[Snort] Snort has restarted with your new set of OpenAppID detectors..."));
 		error_log(gettext("\tSnort has restarted with your new set of OpenAppID detectors.\n"), 3, SNORT_RULES_UPD_LOGFILE);
 	}
@@ -843,14 +781,12 @@ function snort_apply_customizations($snortcfg, $if_real) {
 
 /*  remove $tmpfname files */
 if (is_dir("{$tmpfname}")) {
-	$static_output .= gettext("Cleaning up temp dirs and files...");
-        update_output_window($static_output);
+	update_status(gettext("Cleaning up temp dirs and files..."));
 	rmdir_recursive($tmpfname);
-	$static_output .= gettext(" done.\n");
-        update_output_window($static_output);
+	update_status(gettext(" done.") . "\n");
 }
 
-update_status(gettext("The Rules update has finished."));
+update_status(gettext("The Rules update has finished.") . "\n");
 log_error(gettext("[Snort] The Rules update has finished."));
 error_log(gettext("The Rules update has finished.  Time: " . date("Y-m-d H:i:s"). "\n\n"), 3, SNORT_RULES_UPD_LOGFILE);
 
@@ -858,9 +794,6 @@ function snort_apply_customizations($snortcfg, $if_real) {
 if ($mounted_rw == TRUE)
 	conf_mount_ro();
 
-/* Restore the state of $pkg_interface */
-$pkg_interface = $pkg_interface_orig;
-
 /* Save this update status to the configuration file */
 if ($update_errors)
 	$config['installedpackages']['snortglobal']['last_rule_upd_status'] = gettext("failed");
diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_download_updates.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_download_updates.php
index 4467dc9e7e31..4c87532081b2 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_download_updates.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_download_updates.php
@@ -143,33 +143,30 @@
 	$savemsg = gettext("Snort Rules Update logfile has been cleared.");
 }
 
-if (isset($_POST['update'])) {
-	header("Location: /snort/snort_download_rules.php");
-	exit;
-}
+if (isset($_POST['mode'])) {
+//	header("Location: /snort/snort_download_rules.php");
 
-if ($_POST['force']) {
-	// Mount file system R/W since we need to remove files
-	conf_mount_rw();
+	if ($_POST['mode'] == 'force') {
+		// Mount file system R/W since we need to remove files
+		conf_mount_rw();
 
-	// Remove the existing MD5 signature files to force a download
-	unlink_if_exists("{$snortdir}/{$emergingthreats_filename}.md5");
-	unlink_if_exists("{$snortdir}/{$snort_community_rules_filename}.md5");
-	unlink_if_exists("{$snortdir}/{$snort_rules_file}.md5");
-	unlink_if_exists("{$snortdir}/{$snort_openappid_filename}.md5");
+		// Remove the existing MD5 signature files to force a download
+		unlink_if_exists("{$snortdir}/{$emergingthreats_filename}.md5");
+		unlink_if_exists("{$snortdir}/{$snort_community_rules_filename}.md5");
+		unlink_if_exists("{$snortdir}/{$snort_rules_file}.md5");
+		unlink_if_exists("{$snortdir}/{$snort_openappid_filename}.md5");
 
-	// Revert file system to R/O.
-	conf_mount_ro();
+		// Revert file system to R/O.
+		conf_mount_ro();
+	}
 	
 	// Go download the updates
-	header("Location: /snort/snort_download_rules.php");
+	include("/usr/local/pkg/snort/snort_check_for_rule_updates.php");
 	exit;
 }
 
 $pgtitle = array(gettext("Services"), gettext("Snort"), gettext("Update Rules"));
 include("head.inc");
-if ($input_errors)
-	print_input_errors($input_errors);
 
 if ($savemsg) {
 	print_info_box($savemsg, 'success');
@@ -192,52 +189,48 @@
 
 <div class="panel panel-default">
 	<div class="panel-heading"><h2 class="panel-title"><?=gettext("Installed Rule Set MD5 Signature")?></h2></div>
-		<div id="mainarea" class="table-responsive panel-body">
-
-				<table class="table table-striped table-condensed">
-					<thead>
-						<tr>
-							<th><?=gettext("Rule Set Name/Publisher");?></th>
-							<th><?=gettext("MD5 Signature Hash");?></th>
-							<th><?=gettext("MD5 Signature Date");?></th>
-						</tr>
-					</thead>
-					<tbody>
-					<tr>
-						<td><?=gettext("Snort VRT Rules");?></td>
-						<td><? echo trim($snort_org_sig_chk_local);?></td>
-						<td><?php echo gettext($snort_org_sig_date);?></td>
-					</tr>
+	<div class="panel-body">
+		<div class="content table-responsive">
+			<table class="table table-striped table-condensed">
+				<thead>
 					<tr>
-						<td><?=gettext("Snort GPLv2 Community Rules");?></td>
-						<td><? echo trim($snort_community_sig_chk_local);?></td>
-						<td><?php echo gettext($snort_community_sig_date);?></td>
+						<th><?=gettext("Rule Set Name/Publisher");?></th>
+						<th><?=gettext("MD5 Signature Hash");?></th>
+						<th><?=gettext("MD5 Signature Date");?></th>
 					</tr>
-					<tr>
-						<td><?=$et_name;?></td>
-						<td><? echo trim($emergingt_net_sig_chk_local);?></td>
-						<td><?php echo gettext($emergingt_net_sig_date);?></td>
-					</tr>
-					<tr>
-						<td><?=gettext("Snort OpenAppID Detectors");?></td>
-						<td><? echo trim($openappid_detectors_sig_chk_local);?></td>
-						<td><?php echo gettext($openappid_detectors_sig_date);?></td>
-					</tr>
-					</tbody>
-				</table>
+				</thead>
+				<tbody>
+				<tr>
+					<td><?=gettext("Snort VRT Rules");?></td>
+					<td><?=trim($snort_org_sig_chk_local);?></td>
+					<td><?=gettext($snort_org_sig_date);?></td>
+				</tr>
+				<tr>
+					<td><?=gettext("Snort GPLv2 Community Rules");?></td>
+					<td><?=trim($snort_community_sig_chk_local);?></td>
+					<td><?=gettext($snort_community_sig_date);?></td>
+				</tr>
+				<tr>
+					<td><?=$et_name;?></td>
+					<td><?=trim($emergingt_net_sig_chk_local);?></td>
+					<td><?=gettext($emergingt_net_sig_date);?></td>
+				</tr>
+				<tr>
+					<td><?=gettext("Snort OpenAppID Detectors");?></td>
+					<td><?=trim($openappid_detectors_sig_chk_local);?></td>
+					<td><?=gettext($openappid_detectors_sig_date);?></td>
+				</tr>
+				</tbody>
+			</table>
 		</div>
+	</div>
 </div>
 
 <?php
 
 $form = new Form(false);
-
 $section = new Form_Section('Update Your Rule Set');
 $group = new Form_Group('Last Update');
-$group->add(new Form_StaticText(
-	'',
-	$last_rule_upd_time
-));
 
 if (stristr('success', $last_rule_upd_status)) {
 	$last_rule_upd_status = '<span class="bg-success text-capitalize">' . $last_rule_upd_status . '</span>';
@@ -248,25 +241,25 @@
 
 $group->add(new Form_StaticText(
 	'',
-	'Result: ' . $last_rule_upd_status
+	$last_rule_upd_time . '<span class="col-sm-offset-1"><b>Result: </b>' . $last_rule_upd_status . '</span>'
 ));
 $section->add($group);
 
 $group = new Form_Group('Update Rules');
 $group->add(new Form_Button(
 	'update',
-	' ' . 'Update Rules',
-	'/snort/snort_download_rules.php',
+	'Update Rules',
+	'#',
 	'fa-check'
-))->removeClass('btn-primary')->addClass('btn-info')->addClass('btn-sm');
+))->removeClass('btn-primary')->addClass('btn-info')->addClass('btn-sm')->setAttribute('title', gettext("Check for and install only new updates"));
 $group->add(new Form_Button(
 	'force',
-	' ' . 'Force Update',
-	null,
+	'Force Update',
+	'#',
 	'fa-download'
 ))->removeClass('btn-primary')->addClass('btn-warning')->addClass('btn-sm')->setAttribute('title', gettext("Force an update of all enabled rule sets"));
 $group->setHelp('Click UPDATE RULES to check for and automatically apply any new posted updates for selected rules packages.  Clicking FORCE UPDATE ' . 
-				'will zero out the MD5 hashes and force the download and application of the latest versions of the enabled rules packages.');
+		'will zero out the MD5 hashes and force the download and application of the latest versions of the enabled rules packages.');
 $section->add($group);
 
 $form->add($section);
@@ -276,14 +269,14 @@
 
 $group->add(new Form_Button(
 	'view',
-	' ' . 'View Log',
+	'View Log',
 	'#',
 	'fa-file-text-o'
 ))->removeClass('btn-primary')->addClass('btn-info')->addClass('btn-sm')->setAttribute('title', gettext('View rules update log'))->setAttribute('data-target', '#vwupdlog')->setAttribute('data-toggle', 'modal');
 
 $group->add(new Form_Button(
 	'clear',
-	' ' . 'Clear Log',
+	'Clear Log',
 	null,
 	'fa-trash'
 ))->removeClass('btn-primary')->addClass('btn-danger')->addClass('btn-sm')->setAttribute('title', gettext('Clear rules update log'));
@@ -314,6 +307,15 @@
 ))->removeClass('form-control')->addClass('row-fluid col-sm-10')->setAttribute('rows', '10')->setAttribute('wrap', 'off');
 $form->add($modal);
 
+// Create a Modal Dialog for displaying a spinning icon "please wait" message while
+// updating the rule sets
+$modal = new Modal('Rules Update Task', 'updrulesdlg', false, 'Close');
+$modal->addInput(new Form_StaticText (
+	null,
+	'Checking for updated rule sets may take a while ... please wait ' . '<i class="content fa fa-spinner fa-pulse fa-lg text-center text-info"></i>'
+));
+$form->add($modal);
+
 $form->add($section);
 
 print($form);
@@ -341,10 +343,42 @@ function getRuleUpdateLog() {
 		});
 	}
 
+	function doRuleUpdates(mode) {
+		var ajaxRequest;
+		if (typeof mode == "undefined") {
+			var mode = "update";
+		}
+
+		// Show the "please wait" modal
+		$('#updrulesdlg').modal('show');
+
+		ajaxRequest = $.ajax({
+			url: "/snort/snort_download_updates.php",
+			type: "post",
+			data: { mode: mode }
+		});
+
+		// Deal with the results of the above ajax call
+		ajaxRequest.done(function (response, textStatus, jqXHR) {
+
+			// Close the "please wait" modal
+			$('#updrulesdlg').modal('hide');
+		});
+	}
+
 	$('#vwupdlog').on('shown.bs.modal', function() {
 		getRuleUpdateLog();
 	});
 
+	//-- Click handlers ---------------------------------
+	$('#update').click(function() {
+		doRuleUpdates('update');
+	});
+
+	$('#force').click(function() {
+		doRuleUpdates('force');
+	});
+
 });
 //]]>
 </script>

From b6639a3dd3700a15ccb3d89e8d4d5823c048ff6d Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 21:24:03 -0500
Subject: [PATCH 09/11] Adjust fall-through default binary version to 2.9.8.0.

---
 .../files/usr/local/pkg/snort/snort_defs.inc                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_defs.inc b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_defs.inc
index 9e3bfe48d4e5..bb1e798f3cb5 100644
--- a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_defs.inc
+++ b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_defs.inc
@@ -5,7 +5,7 @@
  * Copyright (C) 2006 Scott Ullrich
  * Copyright (C) 2009-2010 Robert Zelaya
  * Copyright (C) 2011-2012 Ermal Luci
- * Copyright (C) 2013-2015 Bill Meeks
+ * Copyright (C) 2013-2016 Bill Meeks
  * part of pfSense
  * All rights reserved.
  *
@@ -50,7 +50,7 @@ if (!defined("SNORT_BIN_VERSION")) {
 	if (!empty($snortver))
 		define("SNORT_BIN_VERSION", $snortver);
 	else
-		define("SNORT_BIN_VERSION", "2.9.7.6");
+		define("SNORT_BIN_VERSION", "2.9.8.0");
 }
 if (!defined("SNORT_SID_MODS_PATH"))
 	define('SNORT_SID_MODS_PATH', "{$g['vardb_path']}/snort/sidmods/");

From eded20e5e10cfa21cf4edf1f4f9639f55bc15015 Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Thu, 3 Mar 2016 21:32:10 -0500
Subject: [PATCH 10/11] Wrap the interfaces table in a container for appearance
 on INTERFACES tab.

---
 .../files/usr/local/www/snort/snort_interfaces.php           | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interfaces.php b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interfaces.php
index cc061b2acc3c..891fa0455917 100644
--- a/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interfaces.php
+++ b/security/pfSense-pkg-snort/files/usr/local/www/snort/snort_interfaces.php
@@ -226,9 +226,8 @@
 <div class="panel panel-default">
 	<div class="panel-heading"><h2 class="panel-title"><?=gettext("Interface Settings Overview")?></h2></div>
 	<div class="panel-body">
-		<div class="table-responsive">
-
-	<table id="maintable" class="table table-striped table-hover table-condensed">
+		<div class=" content table-responsive">
+			<table id="maintable" class="table table-striped table-hover table-condensed">
 				<thead>
 				<tr id="frheader">
 					<th>&nbsp;</th>

From c4d60eab85c0e0f5d47f47eb9987305c78bceca4 Mon Sep 17 00:00:00 2001
From: Bill Meeks <bmeeks8@bellsouth.net>
Date: Fri, 4 Mar 2016 00:11:00 -0500
Subject: [PATCH 11/11] Fix missing semi-colon and Snort auto-start failure on
 pkg upgrade/reinstall.

---
 .../local/pkg/snort/snort_post_install.php    | 30 ++++++++-----------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php
index 3b036f760b08..2368bb31c03d 100644
--- a/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php
+++ b/security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort_post_install.php
@@ -40,6 +40,7 @@
 
 require_once("config.inc");
 require_once("functions.inc");
+require_once("service-utils.inc"); // Need this to get RCFILEPREFIX constant
 require_once("/usr/local/pkg/snort/snort.inc");
 require("/usr/local/pkg/snort/snort_defs.inc");
 
@@ -67,6 +68,9 @@
 	unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid");
 }
 
+// Remove any LCK files for Snort that might have been left behind
+unlink_if_exists("{$g['varrun_path']}/snort_pkg_starting.lck");
+
 /* Set flag for post-install in progress */
 $g['snort_postinstall'] = true;
 
@@ -105,7 +109,7 @@
 
 /* If installed, absorb the Snort Dashboard Widget into this package */
 /* by removing it as a separately installed package.                 */
-$pkgid = get_pkg_id("Dashboard Widget: Snort");
+$pkgid = get_package_id("Dashboard Widget: Snort");
 if ($pkgid >= 0) {
 	log_error(gettext("[Snort] Removing legacy 'Dashboard Widget: Snort' package because the widget is now part of the Snort package."));
 	unset($config['installedpackages']['package'][$pkgid]);
@@ -138,8 +142,8 @@
 
 /* remake saved settings */
 if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') {
-	log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings..."));
-	update_status(gettext("Saved settings detected...") . "\n");
+	log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings."));
+	update_status(gettext("Saved settings detected.") . "\n");
 
 	/****************************************************************/
 	/* Do test and fix for duplicate UUIDs if this install was      */
@@ -180,10 +184,9 @@
 	update_status(gettext("Migrating settings to new configuration..."));
 	include('/usr/local/pkg/snort/snort_migrate_config.php');
 	update_status(gettext(" done.") . "\n");
-	log_error(gettext("[Snort] Downloading and updating configured rule sets..."));
+	log_error(gettext("[Snort] Downloading and updating configured rule sets."));
 	include('/usr/local/pkg/snort/snort_check_for_rule_updates.php');
-	update_status(gettext(" done.") . "\n");
-	update_status(gettext("Generating snort.conf configuration file from saved settings...") . "\n");
+	update_status(gettext("Generating snort.conf configuration file from saved settings.") . "\n");
 	$rebuild_rules = true;
 	conf_mount_rw();
 
@@ -239,15 +242,8 @@
 		$config['widgets']['sequence'] .= "," . $config['installedpackages']['snortglobal']['dashboard_widget'];
 
 	$rebuild_rules = false;
-	update_status(gettext("Finished rebuilding Snort configuration files...") . "\n");
-	log_error(gettext("[Snort] Finished rebuilding installation from saved settings..."));
-
-	/* Only try to start Snort if not in reboot */
-	if (!($g['booting'])) {
-		update_status(gettext("Starting Snort using rebuilt configuration..."));
-		mwexec_bg("{$rcdir}snort.sh start");
-		update_status(gettext(" done.") . "\n");
-	}
+	update_status(gettext("Finished rebuilding Snort configuration files.") . "\n");
+	log_error(gettext("[Snort] Finished rebuilding installation from saved settings."));
 }
 
 /* We're finished with conf partition mods, return to read-only */
@@ -259,8 +255,8 @@
 	$config['widgets']['sequence'] .= ",{$snort_widget_container}";
 
 /* Update Snort package version in configuration */
-$config['installedpackages']['snortglobal']['snort_config_ver'] = $config['installedpackages']['package'][get_pkg_id("snort")]['version'];
-write_config("Snort pkg v{$config['installedpackages']['package'][get_pkg_id("snort")]['version']}: post-install configuration saved.");
+$config['installedpackages']['snortglobal']['snort_config_ver'] = $config['installedpackages']['package'][get_package_id("snort")]['version'];
+write_config("Snort pkg v{$config['installedpackages']['package'][get_package_id("snort")]['version']}: post-install configuration saved.");
 
 /* Done with post-install, so clear flag */
 unset($g['snort_postinstall']);