diff options
author | robiscool <robrob2626@yahoo.com> | 2009-12-13 19:11:48 -0800 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2009-12-13 19:11:48 -0800 |
commit | 1b105aedad724692d68e2f60062981452df662f5 (patch) | |
tree | d68616c04b67ae5b96916d1360884a48d5e115ac | |
parent | e35913552efea60f71bf2c3b1c9a06157d257b2e (diff) | |
download | pfsense-packages-1b105aedad724692d68e2f60062981452df662f5.tar.gz pfsense-packages-1b105aedad724692d68e2f60062981452df662f5.tar.bz2 pfsense-packages-1b105aedad724692d68e2f60062981452df662f5.zip |
snort-dev, add deinstall code, code to load fast ip lists 2000,000 ips will load now
-rw-r--r-- | config/snort-dev/snort.inc | 35 | ||||
-rw-r--r-- | config/snort-dev/snort_blocked.php | 14 |
2 files changed, 28 insertions, 21 deletions
diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc index 26bdee7d..5b4b8fed 100644 --- a/config/snort-dev/snort.inc +++ b/config/snort-dev/snort.inc @@ -877,28 +877,31 @@ function snort_deinstall() $x=0; foreach($config['cron']['item'] as $item) { - if (strstr($item['command'], "snort2c")) - { - $is_installed = true; - break; - } + if (strstr($item['command'], "snort2c")) + { + $is_installed = true; + break; + } - $x++; + $x++; + } - if($is_installed == true) + if($is_installed == true) + { + if($x > 0) { - if($x > 0) - { - unset($config['cron']['item'][$x]); - write_config(); - conf_mount_rw(); - } - configure_cron(); + unset($config['cron']['item'][$x]); + write_config(); + conf_mount_rw(); } - } - conf_mount_ro(); + + configure_cron(); + + } + conf_mount_ro(); } + function snort_rules_up_deinstall_cron($should_install) { global $config, $g; diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php index f4de6e0d..694f76c5 100644 --- a/config/snort-dev/snort_blocked.php +++ b/config/snort-dev/snort_blocked.php @@ -81,9 +81,12 @@ include("head.inc"); </tr> <?php - $associatealertip = $config['installedpackages']['snort']['config'][0]['associatealertip']; + $associatealertip = $config['installedpackages']['snortglobal']['associatealertip']; // $ips = `/sbin/pfctl -t snort2c -T show`; - $ips_array = file('/usr/rob/test.log'); + /* this improves loading of ips by a factor of 10 */ + exec('/sbin/pfctl -t snort2c -T show > /tmp/snort_block.cache'); + sleep(3); + $ips_array = file('/tmp/snort_block.cache'); // $ips_array = split("\n", $ips); $counter = 0; foreach($ips_array as $ip) { @@ -97,7 +100,7 @@ include("head.inc"); $alert_description = ""; echo "\n<tr>"; echo "\n<td align=\"center\" valign=\"top\"'><a href='snort_blocked.php?todelete=" . trim(urlencode($ww_ip)) . "'>"; - echo "\n<img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"./themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td>"; + echo "\n<img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td>"; echo "\n<td> {$ww_ip}</td>"; echo "\n<td> {$alert_description}<!-- |{$ww_ip}| get_snort_alert($ww_ip); --></td>"; echo "\n</tr>"; @@ -126,7 +129,7 @@ include("head.inc"); <?php /* tell the user what settings they have */ -$blockedtab_msg_chk = $config['installedpackages']['snort']['config'][0]['rm_blocked']; +$blockedtab_msg_chk = $config['installedpackages']['snortglobal']['rm_blocked7']; if ($blockedtab_msg_chk == "1h_b") { $blocked_msg = "hour"; } @@ -164,6 +167,7 @@ echo "This page lists hosts that have been blocked by Snort. Hosts are automatic <?php /* write out snort cache */ +conf_mount_rw(); write_snort_config_cache($snort_config); - +conf_mount_ro(); ?>
\ No newline at end of file |