diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2006-09-27 20:24:50 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2006-09-27 20:24:50 +0000 |
commit | 98cb7611212e29627401f70f1ca3c1dff5b427e2 (patch) | |
tree | ca81e4d1b41c505bfbdde47ad8ae499c6e34911a | |
parent | be1001dbd07ebc6e68e4dd6bf0fb08ce49f11c4c (diff) | |
download | pfsense-packages-98cb7611212e29627401f70f1ca3c1dff5b427e2.tar.gz pfsense-packages-98cb7611212e29627401f70f1ca3c1dff5b427e2.tar.bz2 pfsense-packages-98cb7611212e29627401f70f1ca3c1dff5b427e2.zip |
Reload snort ip/whitelist information for dynamic interfaces automatically by hooking into /usr/local/pkg/pf/
-rw-r--r-- | packages/snort/snort.xml | 7 | ||||
-rw-r--r-- | packages/snort/snort_dynamic_ip_reload.php | 47 |
2 files changed, 53 insertions, 1 deletions
diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml index 0b0a93a2..eab2b7a3 100644 --- a/packages/snort/snort.xml +++ b/packages/snort/snort.xml @@ -45,6 +45,11 @@ <item>http://www.pfsense.com/packages/config/snort/snort_check_for_rule_updates.php</item> </additional_files_needed> <additional_files_needed> + <prefix>/usr/local/pkg/pf/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php</item> + </additional_files_needed> + <additional_files_needed> <prefix>/usr/local/www/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort/snort_alerts.php</item> @@ -80,7 +85,7 @@ <tab> <text>Snort Alerts</text> <url>/snort_alerts.php</url> - </tab> + </tab> </tabs> <fields> <field> diff --git a/packages/snort/snort_dynamic_ip_reload.php b/packages/snort/snort_dynamic_ip_reload.php new file mode 100644 index 00000000..f51e0a21 --- /dev/null +++ b/packages/snort/snort_dynamic_ip_reload.php @@ -0,0 +1,47 @@ +<?php +/* $Id$ */ +/* + snort_download_rules.php + part of pfSense (http://www.pfsense.com) + Copyright (C) 2005 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + +*/ + +require_once("config.inc"); +require_once("functions.inc"); +require_once("guiconfig.inc"); +require_once("service-utils.inc"); +require("/usr/local/pkg/snort.inc"); + +if($config['interfaces']['wan']['ipaddr'] == "pppoe" or + $config['interfaces']['wan']['ipaddr'] == "dhcp") { + create_snort_conf(); + sleep(2); + start_service("snort"); + + +} + +?>
\ No newline at end of file |