author | thompsa <andy@fud.org.nz> | 2010-01-28 09:49:44 +1300 |
---|---|---|
committer | thompsa <andy@fud.org.nz> | 2010-01-28 09:49:44 +1300 |
commit | f315eefd1eaebe7352052e229ba6c51e90db333d (patch) | |
tree | f51e47701eb80903803210adb5430d130f43e863 /config/snort-dev/snort_interfaces.php | |
parent | 76f89965c9ea242f2c0a97ce782de6d77b44f3fd (diff) | |
Update snort-dev to 2.8.5.2
Diffstat (limited to 'config/snort-dev/snort_interfaces.php')
-rw-r--r-- | config/snort-dev/snort_interfaces.php | 181 |
1 files changed, 38 insertions, 143 deletions
diff --git a/config/snort-dev/snort_interfaces.php b/config/snort-dev/snort_interfaces.php
index 2732ebbb..55f729f5 100644
--- a/config/snort-dev/snort_interfaces.php
+++ b/config/snort-dev/snort_interfaces.php
@@ -78,84 +78,35 @@ if (isset($_POST['del_x'])) { /* delete selected rules */ if (is_array($_POST['rule']) && count($_POST['rule'])) { foreach ($_POST['rule'] as $rulei) { - - /* convert fake interfaces to real */ - $if_real = convert_friendly_interface_to_real_interface_name($a_nat[$rulei]['interface']); - - $snort_pid = exec("/bin/ps -auwx | grep -v grep | grep \"$if_real -c\" | awk '{print $2;}'"); - - if ($snort_pid != "") - { - - $start_up_pre = exec("/bin/cat /var/run/snort_{$if_real}{$rulei}{$if_real}.pid"); - $start_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); - $start_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); - - $start2_upb_pre = exec("/bin/cat /var/run/barnyard2_{$rulei}{$if_real}.pid"); - $start2_upb_s = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); - $start2_upb_r = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); - - - if ($start_up_s != "" || $start_up_r != "" || $start2_upb_s != "" || $start2_upb_r != "") - { - - /* dont flood the syslog code */ - exec("/bin/cp /var/log/system.log /var/log/system.log.bk"); - sleep(3); - - - /* remove only running instances */ - if ($start_up_s != "") - { - exec("/bin/kill {$start_up_s}"); - exec("/bin/rm /var/run/snort_$if_real$rulei$if_real*"); - } - - if ($start2_upb_s != "") - { - exec("/bin/kill {$start2_upb_s}"); - exec("/bin/rm /var/run/barnyard2_$rulei$if_real*"); - } - - if ($start_up_r != "") - { - exec("/bin/kill {$start_up_r}"); - exec("/bin/rm /var/run/snort_$if_real$rulei$if_real*"); - } - - if ($start2_upb_r != "") - { - exec("/bin/kill {$start2_upb_r}"); - exec("/bin/rm /var/run/barnyard2_$rulei$if_real*"); - } - - /* stop syslog flood code */ - $if_real_wan_rulei = $a_nat[$rulei]['interface']; - $if_real_wan_rulei2 = convert_friendly_interface_to_real_interface_name2($if_real_wan_rulei); - 
exec("/sbin/ifconfig $if_real_wan_rulei2 -promisc"); - exec("/bin/cp /var/log/system.log /var/log/snort/snort_sys_$rulei$if_real.log"); - exec("/usr/bin/killall syslogd"); - exec("/usr/sbin/clog -i -s 262144 /var/log/system.log"); - exec("/usr/sbin/syslogd -c -ss -f /var/etc/syslog.conf"); - sleep(2); - exec("/bin/cp /var/log/system.log.bk /var/log/system.log"); - $after_mem = exec("/usr/bin/top | /usr/bin/grep Wired | /usr/bin/awk '{ print $2 }'"); - exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'MEM after {$rulei}{$if_real} STOP {$after_mem}'"); - exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Interface Rule removed for {$rulei}{$if_real}...'"); - - } - - } - - unset($a_nat[$rulei]); - + + + /* dont flood the syslog code */ + exec("/bin/cp /var/log/system.log /var/log/system.log.bk"); + exec("/bin/sh /usr/local/etc/rc.d/snort stop $rulei"); + + /* stop syslog flood code */ + $if_real_wan_rulei = $a_nat[$rulei]['interface']; + $if_real_wan_rulei2 = convert_friendly_interface_to_real_interface_name2($if_real_wan_rulei); + exec("/bin/cp /var/log/system.log /var/log/snort/snort_sys_$rulei$if_real.log"); + exec("/usr/bin/killall syslogd"); + exec("/usr/sbin/clog -i -s 262144 /var/log/system.log"); + exec("/usr/sbin/syslogd -c -ss -f /var/etc/syslog.conf"); + sleep(2); + exec("/bin/cp /var/log/system.log.bk /var/log/system.log"); + $after_mem = exec("/usr/bin/top | /usr/bin/grep Wired | /usr/bin/awk '{ print $2 }'"); + exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'MEM after {$rulei}{$if_real} STOP {$after_mem}'"); + exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Interface Rule removed for {$rulei}{$if_real}...'"); + + unset($a_nat[$rulei]); + } - - conf_mount_rw(); - exec("/bin/rm -r /usr/local/etc/snort/snort_$rulei$if_real"); - exec("/bin/rm /usr/local/etc/rc.d/snort_$rulei$if_real.sh"); - exec("/bin/rm /var/log/snort/snort.u2_$rulei$if_real*"); - conf_mount_ro(); + + + + conf_mount_rw(); + exec("/bin/rm -r 
/usr/local/etc/snort/snort_$rulei$if_real"); + exec("/bin/rm /var/log/snort/snort.u2_$rulei$if_real*"); + conf_mount_ro(); write_config(); // touch($d_natconfdirty_path); 
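Review bot: `$rulei` comes straight from `$_POST['rule']` and is interpolated unescaped into `exec("/bin/sh /usr/local/etc/rc.d/snort stop $rulei")` and into the `/bin/rm -r` and `/bin/rm` paths after the loop, so shell metacharacters or `../` in the posted value reach a shell run by the web GUI process. Skip anything that is not an existing entry, e.g. `if (!is_scalar($rulei) || !isset($a_nat[$rulei])) continue;`, and pass the value as `escapeshellarg($rulei)`; the toggle hunk at -215 builds `$name` from `$id` the same way and needs the same treatment. The hunk also removes the `$if_real = convert_friendly_interface_to_real_interface_name(...)` assignment while `$if_real` is still used in the `snort_sys_` log path, the logger messages and both `rm` targets, so unless it is set outside the hunk those paths are now built from an empty string. The enclosing `if (isset($_POST['del_x']))` block starts and ends outside the hunk.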
@@ -215,67 +166,16 @@ if ($_GET['act'] == "toggle" && $_GET['id'] != "") { $if_real2 = convert_friendly_interface_to_real_interface_name($a_nat[$id]['interface']); + $name = "{$id}{$if_real2}"; + $snort_pid = exec("pgrep -F /var/run/snort_{$if_real2}{$name}.pid snort"); - $start_up_pre = exec("/bin/cat /var/run/snort_{$if_real2}{$id}{$if_real2}.pid"); - $start_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); - $start_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); - - $start2_upb_pre = exec("/bin/cat /var/run/barnyard2_{$id}{$if_real2}.pid"); - $start2_upb_s = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); - $start2_upb_r = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); - - if ($start_up_s != "" || $start_up_r != "" || $start2_upb_s != "" || $start2_upb_r != "") - { - - /* stop syslog flood code */ - exec("/bin/cp /var/log/system.log /var/log/system.log.bk"); - sleep(3); - - if ($start_up_s != "") - { - exec("/bin/kill {$start_up_s}"); - exec("/bin/rm /var/run/snort_$if_real2$id$if_real2*"); - } - - if ($start2_upb_s != "") - { - exec("/bin/kill {$start2_upb_s}"); - exec("/bin/rm /var/run/barnyard2_$id$if_real2*"); - } - - if ($start_up_r != "") - { - exec("/bin/kill {$start_up_r}"); - exec("/bin/rm /var/run/snort_$if_real2$id$if_real2*"); - } - - if ($start2_upb_r != "") - { - exec("/bin/kill {$start2_upb_r}"); - exec("/bin/rm /var/run/barnyard2_$id$if_real2*"); - } - - /* stop syslog flood code */ - $if_real_wan_id = $a_nat[$id]['interface']; - $if_real_wan_id2 = convert_friendly_interface_to_real_interface_name2($if_real_wan_id); - exec("/sbin/ifconfig $if_real_wan_id2 -promisc"); - exec("/bin/cp /var/log/system.log /var/log/snort/snort_sys_$id$if_real2.log"); - exec("/usr/bin/killall syslogd"); - exec("/usr/sbin/clog -i -s 262144 /var/log/system.log"); - 
exec("/usr/sbin/syslogd -c -ss -f /var/etc/syslog.conf"); - sleep(2); - exec("/bin/cp /var/log/system.log.bk /var/log/system.log"); - $after_mem2 = exec("/usr/bin/top | /usr/bin/grep Wired | /usr/bin/awk '{ print $2 }'"); - exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'MEM after {$id}{$if_real2} STOP {$after_mem2}'"); - exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Interface Rule STOP for {$id}{$if_real2}...'"); - - header("Location: snort_interfaces.php"); + if ($snort_pid != "") { + exec("/bin/sh /usr/local/etc/rc.d/snort stop $name"); }else{ sync_snort_package_all(); - exec("/bin/sh /usr/local/etc/rc.d/snort_{$id}{$if_real2}.sh start"); - header("Location: snort_interfaces.php"); + exec("/bin/sh /usr/local/etc/rc.d/snort start $name"); } - + header("Location: snort_interfaces.php"); } $pgtitle = "Services: Snort 2.8.4.1_7 pkg v. 1.8 alpha"; @@ -375,10 +275,8 @@ padding: 15px 10px 50% 50px; /* convert fake interfaces to real and check if iface is up */ $if_real = convert_friendly_interface_to_real_interface_name($natent['interface']); - $color_up_pre = exec("/bin/cat /var/run/snort_{$if_real}{$nnats}{$if_real}.pid"); - $color_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$color_up_pre}"); - $color_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$color_up_pre}"); - if ($color_up_s != "" || $color_up_r != "") { + $snort_pid = exec("pgrep -F /var/run/snort_{$if_real}{$nnats}{$if_real}.pid snort"); + if ($snort_pid) $class_color_up = "listbg2"; $iconfn = "block"; }else{ 
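Review bot: The new stop branch drops every `logger` call the old code made, so toggling a sensor off from the GUI no longer leaves a `SnortStartup` entry in syslog unless the `rc.d/snort` script (not visible here) logs it itself. Stopping an IDS instance belongs in the audit trail; I would keep one line after the stop, e.g. `exec("/usr/bin/logger -p daemon.info -i -t SnortStartup " . escapeshellarg("Interface Rule STOP for {$name}"));`. The running check also now reads only the snort pidfile, where the old code treated a live barnyard2 process as running too, so a leftover barnyard2 takes the start branch; confirm the rc.d script copes with that. The `toggle` block begins outside the hunk.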
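Review bot: The added `if ($snort_pid)` has no opening brace, but the unchanged lines below it still end with `}else{`, so that `}` no longer matches this `if`; the same happens with `if ($byard_pid)` in the hunk at -441. At best this is a parse error, and otherwise the `}` closes an outer block and the status column can show the wrong state for a sensor. Both lines should keep the brace the removed lines had: `if ($snort_pid != "") {` and `if ($byard_pid != "") {`. The enclosing block starts and ends outside the hunk.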
@@ -441,11 +339,8 @@ padding: 15px 10px 50% 50px; </td> <?php - $color2_udp_pre = exec("/bin/cat /var/run/barnyard2_{$nnats}{$if_real}.pid"); - - $color2_upb_s = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$color2_udp_pre}"); - $color2_upb_r = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$color2_udp_pre}"); - if ($color2_upb_s != "" || $color2_upb_r != "") { + $byard_pid = exec("pgrep -F /var/run/barnyard2_{$nnats}{$if_real}.pid barnyard2"); + if ($byard_pid) $class_color_upb = "listbg2"; }else{ $class_color_upb = "listbg"; |