From 02160bac4ee9dddc928b85279bb70707e2daef9c Mon Sep 17 00:00:00 2001
From: Francis Lachapelle <flachapelle@inverse.ca>
Date: Wed, 9 Oct 2013 14:56:29 -0400
Subject: [PATCH] Improve generation of snort configuration file

---
 lib/pf/services/snort.pm | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/lib/pf/services/snort.pm b/lib/pf/services/snort.pm
index 7aa5003659f0..6c8384d47391 100644
--- a/lib/pf/services/snort.pm
+++ b/lib/pf/services/snort.pm
@@ -56,10 +56,14 @@ sub generate_snort_conf {
 
     if (exists $Violation_Config{'defaults'}{'snort_rules'}) {
         foreach my $rule ( split( /\s*,\s*/, $Violation_Config{'defaults'}{'snort_rules'} ) ) {
-
-            #append install_dir if the path doesn't start with /
-            $rule = "\$RULE_PATH/$rule" if ( $rule !~ /^\// );
-            push @rules, "include $rule";
+            if ( $rule !~ /^\// && -e "$install_dir/conf/snort/$rule" || -e $rule ) {
+                # Append configuration directory if the path doesn't start with /
+                $rule = "\$RULE_PATH/$rule" if ( $rule !~ /^\// );
+                push @rules, "include $rule";
+            }
+            else {
+                $logger->warn("Snort rules definition file $rule was not found.");
+            }
         }
     }
     $tags{'snort_rules'} = join( "\n", @rules );