diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2006-10-01 00:46:43 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2006-10-01 00:46:43 +0000 |
commit | 7e96aa776c35ec4273b38874bf693c80684cfa12 (patch) | |
tree | de6cdc65bc2959c23334954808e20faf95764733 | |
parent | 38add829d9748421cf660fc6c53dae1db531650f (diff) | |
download | pfsense-packages-7e96aa776c35ec4273b38874bf693c80684cfa12.tar.gz pfsense-packages-7e96aa776c35ec4273b38874bf693c80684cfa12.tar.bz2 pfsense-packages-7e96aa776c35ec4273b38874bf693c80684cfa12.zip |
Teach snort to use newer package plugin methods
-rw-r--r-- | packages/snort/snort.inc | 14 | ||||
-rw-r--r-- | packages/snort/snort_dynamic_ip_reload.php | 35 |
2 files changed, 40 insertions, 9 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc index 8773cac6..e27d8e4a 100644 --- a/packages/snort/snort.inc +++ b/packages/snort/snort.inc @@ -27,14 +27,12 @@ POSSIBILITY OF SUCH DAMAGE. */ -$snort_conf_file = "/usr/local/etc/snort/snort.conf"; - /* define oinkid */ if($config['installedpackages']['snort']) $oinkid = $config['installedpackages']['snort']['config'][0]['oinkmastercode']; function sync_package_snort() { - global $config, $g, $snort_conf_file; + global $config, $g; conf_mount_rw(); exec("/bin/mkdir -p /usr/local/etc/snort"); exec("/bin/mkdir -p /var/log/snort"); @@ -68,7 +66,7 @@ function sync_package_snort() { $start = "/bin/mkdir -p /var/log/snort"; /* start snort */ - $start .= ";snort -c {$snort_conf_file} -l /var/log/snort {$ifaces_final} -A full -D"; + $start .= ";snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort {$ifaces_final} -A full -D"; /* if block offenders is checked, start snort2c */ if($_POST['blockoffenders']) @@ -90,13 +88,13 @@ function sync_package_snort() { } function create_snort_conf() { - global $config, $g, $snort_conf_file; + global $config, $g; /* write out snort.conf */ $snort_conf_text = generate_snort_conf(); conf_mount_rw(); - $conf = fopen($snort_conf_file, "w"); + $conf = fopen("/usr/local/etc/snort/snort.conf", "w"); if(!$conf) { - log_error("Could not open {$snort_conf_file} for writing."); + log_error("Could not open /usr/local/etc/snort/snort.conf for writing."); exit; } fwrite($conf, $snort_conf_text); @@ -105,7 +103,7 @@ function create_snort_conf() { } function generate_snort_conf() { - global $config, $g, $snort_conf_file; + global $config, $g; conf_mount_rw(); /* obtain external interface */ /* XXX: make multi wan friendly */ diff --git a/packages/snort/snort_dynamic_ip_reload.php b/packages/snort/snort_dynamic_ip_reload.php index 0403ea31..5d88be69 100644 --- a/packages/snort/snort_dynamic_ip_reload.php +++ b/packages/snort/snort_dynamic_ip_reload.php @@ -1,8 +1,40 @@ +<?php -require("/usr/local/pkg/snort.inc"); +/* $Id$ */ +/* + snort_dynamic_ip_reload.php + Copyright (C) 2006 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +/* NOTE: this file gets included from the pfSense filter.inc plugin process */ log_error("[SNORT] Snort_dynamic_ip_reload.php is starting."); +require_once("/usr/local/pkg/snort.inc"); +require_once("service-utils.inc"); + if($config['interfaces']['wan']['ipaddr'] == "pppoe" or $config['interfaces']['wan']['ipaddr'] == "dhcp") { log_error("Snort has detected a dynamic wan address. Reloading configuration."); @@ -14,3 +46,4 @@ if($config['interfaces']['wan']['ipaddr'] == "pppoe" or log_error("[SNORT] Snort_dynamic_ip_reload.php is ending."); +?>
\ No newline at end of file |