authorrobiscool <robrob2626@yahoo.com>2011-07-20 12:20:00 -0700
committerrobiscool <robrob2626@yahoo.com>2011-07-20 12:20:00 -0700
commit80abed3392104169a83d7e8234a7614725f43d01 (patch)
tree4ab719860cb3397d63176442503f0dd7e1349761 /config/snort-dev/snort_build.inc
parentb698cb2d4d084078698045b844894eb5a8322f45 (diff)
snort-dev, add missing files, cp SnortDBtmp to temp dir
Diffstat (limited to 'config/snort-dev/snort_build.inc')
-rw-r--r--config/snort-dev/snort_build.inc83
1 files changed, 83 insertions, 0 deletions
diff --git a/config/snort-dev/snort_build.inc b/config/snort-dev/snort_build.inc
index ee663735..edc9583a 100644
--- a/config/snort-dev/snort_build.inc
+++ b/config/snort-dev/snort_build.inc
@@ -1113,10 +1113,93 @@ function create_snort_conf($uuid)
}
+// create threshold.conf
+function generate_threshold_conf($uuid) {
+
+ global $config;
+
+ // Iface main setings
+ $ifaceSettingsArray = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
+
+ $getSnortSuppresslist = snortSql_fetchAllSettings('snortDB', 'SnortSuppress', 'filename', $ifaceSettingsArray['suppresslistname']);
+
+ if ($ifaceSettingsArray['suppresslistname'] === 'default') {
+ $getSnortSuppressPass = '';
+ }else{
+ $getSnortSuppressPass = base64_decode($getSnortSuppresslist[0]['suppresspassthru']);
+ }
+
+
+ $snort_threshold_text = <<<EOD
+
+# snort threshold file
+# generated by the pfSense
+# package manager system
+# see /usr/local/pkg/snort_build.inc
+# for more information
+# threshold.conf
+# Snort can be found at http://www.snort.org/
+#
+# Copyright (C) 2009-2011 Robert Zelaya
+# part of pfSense
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+
+{$getSnortSuppressPass}
+
+EOD;
+
+return $snort_threshold_text;
+
+}
+
+function create_threshold_conf($uuid)
+{
+ // make sure file is there
+ if (!file_exists("/usr/local/etc/snort/sn_{$uuid}/threshold.conf")) {
+ exec("/usr/bin/touch /usr/local/etc/snort/sn_{$uuid}/threshold.conf");
+ }
+
+ $threshold_conf_text = generate_threshold_conf($uuid);
+
+ $conf = fopen("/usr/local/etc/snort/sn_{$uuid}/threshold.conf", "w");
+ if(!$conf) {
+ log_error("Could not open /usr/local/etc/snort/sn_{$uuid}/threshold.conf for writing.");
+ exit;
+ }
+
+ fwrite($conf, $threshold_conf_text);
+ fclose($conf);
+
+}
+
function build_snort_settings($uuid) {
// create snort.conf
create_snort_conf($uuid);
+ // create threshold.conf
+ create_threshold_conf($uuid);
}
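Review bot: `create_threshold_conf()` interpolates `$uuid` unescaped into a shell command, `exec("/usr/bin/touch /usr/local/etc/snort/sn_{$uuid}/threshold.conf")`, and into the `fopen()` path. Whether `$uuid` is validated upstream is not visible in this hunk, so if it can ever carry request-derived data, shell metacharacters or `../` segments would reach the shell and the filesystem. The `touch` is redundant because `fopen(..., "w")` creates the file, so I would drop the `file_exists()`/`exec()` block and guard the top of the function with something like `if (!preg_match('/^[A-Za-z0-9_-]+$/', $uuid)) { log_error("invalid snort uuid"); return; }` (adjust the pattern to the real uuid format). Separately, `generate_threshold_conf()` reads `$getSnortSuppresslist[0]['suppresspassthru']` without checking that the lookup returned a row and writes the decoded text verbatim into threshold.conf, and the `exit;` on a failed `fopen()` ends the whole request where returning an error to the caller would be safer.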