aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort-dev
diff options
context:
space:
mode:
authorrobiscool <robrob2626@yahoo.com>2009-10-01 12:23:10 -0700
committerrobiscool <robrob2626@yahoo.com>2009-10-01 12:23:10 -0700
commitc2b6e0ddddbc3aecd1d7d4ba1278572b0e4a1ebb (patch)
tree6f1ad5e26af716a41c724c71c4aa581e321c43fd /config/snort-dev
parent71a3b727a3121c2bd081fe1f657f9dbe563e7064 (diff)
downloadpfsense-packages-c2b6e0ddddbc3aecd1d7d4ba1278572b0e4a1ebb.tar.gz
pfsense-packages-c2b6e0ddddbc3aecd1d7d4ba1278572b0e4a1ebb.tar.bz2
pfsense-packages-c2b6e0ddddbc3aecd1d7d4ba1278572b0e4a1ebb.zip
snort stable, add barnyard2 iterface hostname options
Diffstat (limited to 'config/snort-dev')
-rw-r--r--config/snort-dev/snort.xml42
-rw-r--r--config/snort-dev/snort_advanced.xml32
2 files changed, 55 insertions, 19 deletions
diff --git a/config/snort-dev/snort.xml b/config/snort-dev/snort.xml
index 4f039a97..3f6f91c8 100644
--- a/config/snort-dev/snort.xml
+++ b/config/snort-dev/snort.xml
@@ -46,8 +46,8 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>Snort</name>
- <version>2.8.4.1_1</version>
- <title>Services: Snort 2.8.4.1_2 pkg v. 1.6 RC5</title>
+ <version>2.8.4.1_2</version>
+ <title>Services: Snort 2.8.4.1_2 pkg v. 1.6</title>
<include_file>/usr/local/pkg/snort.inc</include_file>
<menu>
<name>Snort</name>
@@ -59,6 +59,7 @@
<name>snort</name>
<rcfile>snort.sh</rcfile>
<executable>snort</executable>
+ <description>Snort is the most widely deployed IDS/IPS technology worldwide..</description>
</service>
<tabs>
<tab>
@@ -194,6 +195,7 @@
<fieldname>iface_array</fieldname>
<description>Select the interface(s) Snort will listen on.</description>
<type>interfaces_selection</type>
+ <required/>
<size>3</size>
<value>lan</value>
<multiple>true</multiple>
@@ -233,6 +235,16 @@
<value>acs</value>
</option>
</options>
+ <required/>
+ </field>
+ <field>
+ </field>
+ <field>
+ <fielddescr>Install Snort.org rules.</fielddescr>
+ <fieldname>installsnortrules</fieldname>
+ <description>Free Snort.org rules that are maintained by Sourcefire. See the Pfsense Snort FAQ on how to get a subscription.</description>
+ <type>checkbox</type>
+ <required/>
</field>
<field>
<fielddescr>Oinkmaster code</fielddescr>
@@ -245,11 +257,27 @@
<field>
<fielddescr>Snort.org subscriber</fielddescr>
<fieldname>subscriber</fieldname>
- <description>Check this box if you are a Snort.org subscriber (premium rules).</description>
+ <description>Check this box if you are a Snort.org subscriber (premium rules). &lt;b&gt;HIGHLY RECOMMENDED!&lt;/b&gt;</description>
<type>checkbox</type>
<size>60</size>
</field>
<field>
+ </field>
+ <field>
+ <fielddescr>Install emergingthreats rules.</fielddescr>
+ <fieldname>emergingthreats</fieldname>
+ <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description>
+ <type>checkbox</type>
+ <required/>
+ </field>
+ <field>
+ <fielddescr>Install Pfsense rules.</fielddescr>
+ <fieldname>installpfsenserules</fieldname>
+ <description>Snort rules that Pfsense maintainers have requested for their packages.</description>
+ <type>checkbox</type>
+ <required/>
+ </field>
+ <field>
<fielddescr>Block offenders</fielddescr>
<fieldname>blockoffenders7</fieldname>
<description>Checking this option will automatically block hosts that generate a snort alert.</description>
@@ -301,8 +329,6 @@
</options>
</field>
<field>
- </field>
- <field>
<fielddescr>Update rules automatically</fielddescr>
<fieldname>autorulesupdate7</fieldname>
<description>Please select the update times for rules.</description>
@@ -356,12 +382,6 @@
<description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description>
<type>checkbox</type>
</field>
- <field>
- <fielddescr>Install emergingthreats rules.</fielddescr>
- <fieldname>emergingthreats</fieldname>
- <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description>
- <type>checkbox</type>
- </field>
</fields>
<custom_php_resync_config_command>
sync_package_snort();
diff --git a/config/snort-dev/snort_advanced.xml b/config/snort-dev/snort_advanced.xml
index 6e81123f..1fdddda2 100644
--- a/config/snort-dev/snort_advanced.xml
+++ b/config/snort-dev/snort_advanced.xml
@@ -153,12 +153,12 @@
<description>Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by a wireshark type of application. WARNING: File may become large.</description>
<type>checkbox</type>
</field>
- <field>
- <fielddescr>Enable Barnyard2.</fielddescr>
- <fieldname>snortbarnyardlog</fieldname>
- <description>This will enable barnyard2 in the snort package. You will also have to set the database credentials.</description>
- <type>checkbox</type>
- </field>
+ <field>
+ <fielddescr>Enable Barnyard2.</fielddescr>
+ <fieldname>snortbarnyardlog</fieldname>
+ <description>This will enable barnyard2 in the snort package. You will also have to set the database credentials.</description>
+ <type>checkbox</type>
+ </field>
<field>
<fielddescr>Barnyard2 Log Mysql Database.</fielddescr>
<fieldname>snortbarnyardlog_database</fieldname>
@@ -168,9 +168,25 @@
<value></value>
</field>
<field>
- <fielddescr>Log Alerts to a snort unified file.</fielddescr>
+ <fielddescr>Barnyard2 Configure Hostname ID.</fielddescr>
+ <fieldname>snortbarnyardlog_hostname</fieldname>
+ <description>Example: pfsense.local</description>
+ <type>input</type>
+ <size>25</size>
+ <value></value>
+ </field>
+ <field>
+ <fielddescr>Barnyard2 Configure Interface ID</fielddescr>
+ <fieldname>snortbarnyardlog_interface</fieldname>
+ <description>Example: vr0</description>
+ <type>input</type>
+ <size>25</size>
+ <value></value>
+ </field>
+ <field>
+ <fielddescr>Log Alerts to a snort unified2 file.</fielddescr>
<fieldname>snortunifiedlog</fieldname>
- <description>Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement barnyard2.</description>
+ <description>Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.</description>
<type>checkbox</type>
</field>
</fields>