aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2006-10-01 00:46:43 +0000
committerScott Ullrich <sullrich@pfsense.org>2006-10-01 00:46:43 +0000
commit7e96aa776c35ec4273b38874bf693c80684cfa12 (patch)
treede6cdc65bc2959c23334954808e20faf95764733
parent38add829d9748421cf660fc6c53dae1db531650f (diff)
downloadpfsense-packages-7e96aa776c35ec4273b38874bf693c80684cfa12.tar.gz
pfsense-packages-7e96aa776c35ec4273b38874bf693c80684cfa12.tar.bz2
pfsense-packages-7e96aa776c35ec4273b38874bf693c80684cfa12.zip
Teach snort to use newer package plugin methods
-rw-r--r--packages/snort/snort.inc14
-rw-r--r--packages/snort/snort_dynamic_ip_reload.php35
2 files changed, 40 insertions, 9 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
index 8773cac6..e27d8e4a 100644
--- a/packages/snort/snort.inc
+++ b/packages/snort/snort.inc
@@ -27,14 +27,12 @@
POSSIBILITY OF SUCH DAMAGE.
*/
-$snort_conf_file = "/usr/local/etc/snort/snort.conf";
-
/* define oinkid */
if($config['installedpackages']['snort'])
$oinkid = $config['installedpackages']['snort']['config'][0]['oinkmastercode'];
function sync_package_snort() {
- global $config, $g, $snort_conf_file;
+ global $config, $g;
conf_mount_rw();
exec("/bin/mkdir -p /usr/local/etc/snort");
exec("/bin/mkdir -p /var/log/snort");
@@ -68,7 +66,7 @@ function sync_package_snort() {
$start = "/bin/mkdir -p /var/log/snort";
/* start snort */
- $start .= ";snort -c {$snort_conf_file} -l /var/log/snort {$ifaces_final} -A full -D";
+ $start .= ";snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort {$ifaces_final} -A full -D";
/* if block offenders is checked, start snort2c */
if($_POST['blockoffenders'])
@@ -90,13 +88,13 @@ function sync_package_snort() {
}
function create_snort_conf() {
- global $config, $g, $snort_conf_file;
+ global $config, $g;
/* write out snort.conf */
$snort_conf_text = generate_snort_conf();
conf_mount_rw();
- $conf = fopen($snort_conf_file, "w");
+ $conf = fopen("/usr/local/etc/snort/snort.conf", "w");
if(!$conf) {
- log_error("Could not open {$snort_conf_file} for writing.");
+ log_error("Could not open /usr/local/etc/snort/snort.conf for writing.");
exit;
}
fwrite($conf, $snort_conf_text);
@@ -105,7 +103,7 @@ function create_snort_conf() {
}
function generate_snort_conf() {
- global $config, $g, $snort_conf_file;
+ global $config, $g;
conf_mount_rw();
/* obtain external interface */
/* XXX: make multi wan friendly */
diff --git a/packages/snort/snort_dynamic_ip_reload.php b/packages/snort/snort_dynamic_ip_reload.php
index 0403ea31..5d88be69 100644
--- a/packages/snort/snort_dynamic_ip_reload.php
+++ b/packages/snort/snort_dynamic_ip_reload.php
@@ -1,8 +1,40 @@
+<?php
-require("/usr/local/pkg/snort.inc");
+/* $Id$ */
+/*
+ snort_dynamic_ip_reload.php
+ Copyright (C) 2006 Scott Ullrich
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* NOTE: this file gets included from the pfSense filter.inc plugin process */
log_error("[SNORT] Snort_dynamic_ip_reload.php is starting.");
+require_once("/usr/local/pkg/snort.inc");
+require_once("service-utils.inc");
+
if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
$config['interfaces']['wan']['ipaddr'] == "dhcp") {
log_error("Snort has detected a dynamic wan address. Reloading configuration.");
@@ -14,3 +46,4 @@ if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
log_error("[SNORT] Snort_dynamic_ip_reload.php is ending.");
+?> \ No newline at end of file