aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrobiscool <robrob2626@yahoo.com>2009-12-13 19:11:48 -0800
committerrobiscool <robrob2626@yahoo.com>2009-12-13 19:11:48 -0800
commit1b105aedad724692d68e2f60062981452df662f5 (patch)
treed68616c04b67ae5b96916d1360884a48d5e115ac
parente35913552efea60f71bf2c3b1c9a06157d257b2e (diff)
downloadpfsense-packages-1b105aedad724692d68e2f60062981452df662f5.tar.gz
pfsense-packages-1b105aedad724692d68e2f60062981452df662f5.tar.bz2
pfsense-packages-1b105aedad724692d68e2f60062981452df662f5.zip
snort-dev, add deinstall code, code to load fast ip lists 2000,000 ips will load now
-rw-r--r--config/snort-dev/snort.inc35
-rw-r--r--config/snort-dev/snort_blocked.php14
2 files changed, 28 insertions, 21 deletions
diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc
index 26bdee7d..5b4b8fed 100644
--- a/config/snort-dev/snort.inc
+++ b/config/snort-dev/snort.inc
@@ -877,28 +877,31 @@ function snort_deinstall()
$x=0;
foreach($config['cron']['item'] as $item)
{
- if (strstr($item['command'], "snort2c"))
- {
- $is_installed = true;
- break;
- }
+ if (strstr($item['command'], "snort2c"))
+ {
+ $is_installed = true;
+ break;
+ }
- $x++;
+ $x++;
+
}
- if($is_installed == true)
+ if($is_installed == true)
+ {
+ if($x > 0)
{
- if($x > 0)
- {
- unset($config['cron']['item'][$x]);
- write_config();
- conf_mount_rw();
- }
- configure_cron();
+ unset($config['cron']['item'][$x]);
+ write_config();
+ conf_mount_rw();
}
- }
- conf_mount_ro();
+
+ configure_cron();
+
+ }
+ conf_mount_ro();
}
+
function snort_rules_up_deinstall_cron($should_install) {
global $config, $g;
diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php
index f4de6e0d..694f76c5 100644
--- a/config/snort-dev/snort_blocked.php
+++ b/config/snort-dev/snort_blocked.php
@@ -81,9 +81,12 @@ include("head.inc");
</tr>
<?php
- $associatealertip = $config['installedpackages']['snort']['config'][0]['associatealertip'];
+ $associatealertip = $config['installedpackages']['snortglobal']['associatealertip'];
// $ips = `/sbin/pfctl -t snort2c -T show`;
- $ips_array = file('/usr/rob/test.log');
+ /* this improves loading of ips by a factor of 10 */
+ exec('/sbin/pfctl -t snort2c -T show > /tmp/snort_block.cache');
+ sleep(3);
+ $ips_array = file('/tmp/snort_block.cache');
// $ips_array = split("\n", $ips);
$counter = 0;
foreach($ips_array as $ip) {
@@ -97,7 +100,7 @@ include("head.inc");
$alert_description = "";
echo "\n<tr>";
echo "\n<td align=\"center\" valign=\"top\"'><a href='snort_blocked.php?todelete=" . trim(urlencode($ww_ip)) . "'>";
- echo "\n<img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"./themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td>";
+ echo "\n<img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td>";
echo "\n<td>&nbsp;{$ww_ip}</td>";
echo "\n<td>&nbsp;{$alert_description}<!-- |{$ww_ip}| get_snort_alert($ww_ip); --></td>";
echo "\n</tr>";
@@ -126,7 +129,7 @@ include("head.inc");
<?php
/* tell the user what settings they have */
-$blockedtab_msg_chk = $config['installedpackages']['snort']['config'][0]['rm_blocked'];
+$blockedtab_msg_chk = $config['installedpackages']['snortglobal']['rm_blocked7'];
if ($blockedtab_msg_chk == "1h_b") {
$blocked_msg = "hour";
}
@@ -164,6 +167,7 @@ echo "This page lists hosts that have been blocked by Snort. Hosts are automatic
<?php
/* write out snort cache */
+conf_mount_rw();
write_snort_config_cache($snort_config);
-
+conf_mount_ro();
?> \ No newline at end of file