author | robiscool <robrob2626@yahoo.com> | 2009-09-27 22:41:32 -0700 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2009-09-27 22:42:51 -0700 |
commit | 2b7e84819d7ff6af65ecf52f81ec02924c40ef8e (patch) | |
tree | 43eb582626861db8ba96ba857fff92aebd495124 /config/snort-dev/snort_check_for_rule_updates.php | |
parent | c08db1d0285bb5dfcd5a2665af8d228f4d9d0d05 (diff) | |
snort-dev, update to RC5, update snort_download to restart if snort is running, update snort.inc code for failures, dynamic ip reload update
Diffstat (limited to 'config/snort-dev/snort_check_for_rule_updates.php')
-rw-r--r-- | config/snort-dev/snort_check_for_rule_updates.php | 62 |
1 files changed, 31 insertions, 31 deletions
diff --git a/config/snort-dev/snort_check_for_rule_updates.php b/config/snort-dev/snort_check_for_rule_updates.php
index 8a6aedc9..4430c4a2 100644
--- a/config/snort-dev/snort_check_for_rule_updates.php
+++ b/config/snort-dev/snort_check_for_rule_updates.php
@@ -237,12 +237,15 @@ if ($snort_md5_check_ok == on && $pfsense_md5_check_ok == on && $emergingthreats
 exit(0);
 }
-/* "You are Not Up to date */;
- echo "You are NOT up to date...\n";
- echo "Stopping Snort service...\n";
-stop_service("snort");
-sleep(2);
-// start_service("snort");
+/* You are Not Up to date, always stop snort when updating rules for low end machines */;
+echo "You are NOT up to date...\n";
+echo "Stopping Snort service...\n";
+$chk_if_snort_up = exec("pgrep -x snort");
+if ($chk_if_snort_up != "") {
+ exec("/usr/bin/touch /tmp/snort_download_halt.pid");
+ stop_service("snort");
+ sleep(2);
+}
 /* download snortrules file */
 if ($snort_md5_check_ok != on) {
@@ -539,23 +542,6 @@ if (file_exists("{$snortdir}/doc/signatures")) {
 }
 }
-/* Copy snort rules and emergingthreats and pfsense dir to snort dir */
-//if ($snort_md5_check_ok != on || $emerg_md5_check_chk_ok != on || $pfsense_md5_check_ok != on) {
-//if (file_exists("{$tmpfname}/rules")) {
-// echo "Copying rules...\n";
-// echo "May take a while...\n";
-// exec("/bin/cp {$tmpfname}/rules/* {$snortdir}/rules");
-// echo "Done copping rules.\n";
- /* Write out time of last sucsessful rule install catch */
-// $config['installedpackages']['snort']['last_rules_install'] = date("Y-M-jS-h:i-A");
-// write_config();
-//} else {
-// echo "Directory rules does not exists...\n";
-// echo "Error copying rules direcory...\n";
-// exit(0);
-// }
-//}
-
 /* double make shure clean up emerg rules that dont belong */
 if (file_exists("/usr/local/etc/snort_bkup/rules/emerging-botcc-BLOCK.rules")) {
 apc_clear_cache();
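Review bot: The running-state marker `/tmp/snort_download_halt.pid` is a fixed name in a world-writable directory, so whether Snort is restarted at the end of the run (the `file_exists()` test in the last hunk) depends on a file that any local account or an earlier aborted run can leave behind. Since the value is produced and consumed in this same script, a variable is enough: `$snort_was_running = ($chk_if_snort_up != "");` here and `if ($snort_was_running) {` at the end; if another script does read the marker, it belongs in a root-only directory instead. `pgrep` is also the only command in this hunk called without an absolute path, unlike `/usr/bin/touch`, so the check depends on the PATH the script inherits. The download and extraction steps between this stop and the later restart are outside the hunk; any early `exit` there would leave the IDS stopped, which is worth confirming.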
@@ -584,7 +570,7 @@ exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_b
 if ($snort_md5_check_ok != on || $emerg_md5_check_chk_ok != on || $pfsense_md5_check_ok != on) {
 if (empty($config['installedpackages']['snort']['rule_sid_on']) || empty($config['installedpackages']['snort']['rule_sid_off'])) {
-echo "Your enable and disable changes are being applied to your fresh set of rules...\n";
+echo "Your first set of rules are being copied...\n";
 echo "May take a while...\n";
 exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/");
@@ -599,15 +585,16 @@ echo "May take a while...\n";
 exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}");
 } else {
-
+ echo "Your enable and disable changes are being applied to your fresh set of rules...\n";
+ echo "May take a while...\n";
 exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}");
- exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}");
+// exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}");
 exec("/bin/cp {$snortdir}/generators {$snortdir_wan}");
 exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}");
 exec("/bin/cp {$snortdir}/sid {$snortdir_wan}");
 exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}");
- exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}");
- exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}");
+// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}");
+// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}");
 exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}");
 /* oinkmaster.pl will convert saved changes for the new updates then we have to change #alert to # alert for the gui */
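Review bot: In the second hunk on this line (`@@ -599,15 +585,16 @@`) the copies of `gen-msg.map`, `snort.conf` and `threshold.conf` are commented out rather than deleted, and nothing records why this `else` branch no longer refreshes them in `{$snortdir_wan}`. For an IDS that matters to the next maintainer: after an update the interface directory runs new rules against an older `snort.conf` and `threshold.conf`, which may be exactly the intent (keeping per-interface edits) but cannot be told from the code. I would drop the three dead lines and state the decision in their place, for example `/* gen-msg.map, snort.conf and threshold.conf are not overwritten here so per-interface settings survive a rules update */`, adjusted to whatever the real reason is. The `else` branch opens outside the hunk, so whether the first-install branch still copies these files is not visible here.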
@@ -620,13 +607,26 @@ echo "May take a while...\n";
 }
 }
+/* remove old $tmpfname files */
+if (file_exists("{$tmpfname}")) {
+ echo "Cleaning up...\n";
+ exec("/bin/rm -r /tmp/snort_rules_up");
+}
+
 /* php code to flush out cache some people are reportting missing files this might help */
 sleep(5);
 apc_clear_cache();
 exec("/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync");
-/* php code finish */
-echo "The Rules update finished...\n";
-echo "You may start snort now...\n";
+/* if snort is running hardrestart, if snort is not running do nothing */
+if (file_exists("/tmp/snort_download_halt.pid")) {
+ start_service("snort");
+ echo "The Rules update finished...\n";
+ echo "Snort has restarted with your new set of rules...\n";
+ exec("/bin/rm /tmp/snort_download_halt.pid");
+} else {
+ echo "The Rules update finished...\n";
+ echo "You may start snort now...\n";
+}
 ?> |
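Review bot: `Snort has restarted with your new set of rules...` is printed straight after `start_service("snort")` without checking that the process actually came up, so a rule set Snort rejects at startup would leave the sensor down while the output says otherwise. Repeating the process check from the first hunk after the start, e.g. `if (exec("pgrep -x snort") == "") { echo "Snort did not come back up, check the system log...\n"; }`, would make that visible; a short wait before the check may be needed. Separately, the cleanup block tests `file_exists("{$tmpfname}")` but removes the hard-coded `/tmp/snort_rules_up`; `$tmpfname` is assigned outside the hunk, so if the two ever differ the guard and the `rm -r` act on different paths, and using the same variable (shell-quoted) in both places avoids that.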