aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2006-09-27 20:24:50 +0000
committerScott Ullrich <sullrich@pfsense.org>2006-09-27 20:24:50 +0000
commit98cb7611212e29627401f70f1ca3c1dff5b427e2 (patch)
treeca81e4d1b41c505bfbdde47ad8ae499c6e34911a
parentbe1001dbd07ebc6e68e4dd6bf0fb08ce49f11c4c (diff)
downloadpfsense-packages-98cb7611212e29627401f70f1ca3c1dff5b427e2.tar.gz
pfsense-packages-98cb7611212e29627401f70f1ca3c1dff5b427e2.tar.bz2
pfsense-packages-98cb7611212e29627401f70f1ca3c1dff5b427e2.zip
Reload snort ip/whitelist information for dynamic interfaces automatically by hooking into /usr/local/pkg/pf/
-rw-r--r--packages/snort/snort.xml7
-rw-r--r--packages/snort/snort_dynamic_ip_reload.php47
2 files changed, 53 insertions, 1 deletions
diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml
index 0b0a93a2..eab2b7a3 100644
--- a/packages/snort/snort.xml
+++ b/packages/snort/snort.xml
@@ -45,6 +45,11 @@
<item>http://www.pfsense.com/packages/config/snort/snort_check_for_rule_updates.php</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/usr/local/pkg/pf/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>077</chmod>
<item>http://www.pfsense.com/packages/config/snort/snort_alerts.php</item>
@@ -80,7 +85,7 @@
<tab>
<text>Snort Alerts</text>
<url>/snort_alerts.php</url>
- </tab>
+ </tab>
</tabs>
<fields>
<field>
diff --git a/packages/snort/snort_dynamic_ip_reload.php b/packages/snort/snort_dynamic_ip_reload.php
new file mode 100644
index 00000000..f51e0a21
--- /dev/null
+++ b/packages/snort/snort_dynamic_ip_reload.php
@@ -0,0 +1,47 @@
+<?php
+/* $Id$ */
+/*
+ snort_download_rules.php
+ part of pfSense (http://www.pfsense.com)
+ Copyright (C) 2005 Scott Ullrich
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+require_once("config.inc");
+require_once("functions.inc");
+require_once("guiconfig.inc");
+require_once("service-utils.inc");
+require("/usr/local/pkg/snort.inc");
+
+if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
+ $config['interfaces']['wan']['ipaddr'] == "dhcp") {
+ create_snort_conf();
+ sleep(2);
+ start_service("snort");
+
+
+}
+
+?> \ No newline at end of file