aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2013-01-29 21:23:40 -0500
committerbmeeks8 <bmeeks8@bellsouth.net>2013-01-29 21:23:40 -0500
commitf00a5d563e6e875deea62fdcea56ee0ff3df55fd (patch)
tree44f3829d41886e95e150c2fae9b1c512deb72293
parent7cd0a22659afa5036ea23c3fd1b485bce9d115c6 (diff)
downloadpfsense-packages-f00a5d563e6e875deea62fdcea56ee0ff3df55fd.tar.gz
pfsense-packages-f00a5d563e6e875deea62fdcea56ee0ff3df55fd.tar.bz2
pfsense-packages-f00a5d563e6e875deea62fdcea56ee0ff3df55fd.zip
Add additional config parameters in GUI for pfPortscan preprocessor.
-rwxr-xr-xconfig/snort/snort.inc16
1 files changed, 14 insertions, 2 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index dede1f1d..3571a215 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -2061,13 +2061,25 @@ PIPELINING CHUNKING DATA DSN RSET QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB
EOD;
/* def sf_portscan */
+ if (!empty($snortcfg['pscan_sense_level']))
+ $sf_pscan_sense_level = $snortcfg['pscan_sense_level'];
+ else
+ $sf_pscan_sense_level = "medium";
+
+ if (!empty($snortcfg['pscan_ignore_scanners']) && is_alias($snortcfg['pscan_ignore_scanners'])) {
+ $sf_pscan_ignore_scanners = filter_expand_alias($snortcfg['pscan_ignore_scanners']);
+ $sf_pscan_ignore_scanners = preg_replace('/\s+/', ',', trim($sf_pscan_ignore_scanners));
+ }
+ else
+ $sf_pscan_ignore_scanners = "\$HOME_NET";
+
$sf_portscan = <<<EOD
# sf Portscan #
preprocessor sfportscan: scan_type { all } \
proto { all } \
memcap { 10000000 } \
- sense_level { medium } \
- ignore_scanners { \$HOME_NET }
+ sense_level { {$sf_pscan_sense_level} } \
+ ignore_scanners { {$sf_pscan_ignore_scanners} }
EOD;