snort-dev to snort, snort to snort-old, Release

1 files changed, 378 insertions, 0 deletions

diff --git a/config/snort-old/snort.xml b/config/snort-old/snort.xml
new file mode 100644
index 00000000..6f067f2d
--- /dev/null
+++ b/config/snort-old/snort.xml
@@ -0,0 +1,378 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
+<packagegui>
+        <copyright>
+        <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+    authng.xml
+    part of pfSense (http://www.pfsense.com)
+    Copyright (C) 2007 to whom it may belong
+    All rights reserved.
+
+    Based on m0n0wall (http://m0n0.ch/wall)
+    Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+    All rights reserved.
+                                                                              */
+/* ========================================================================== */
+/*
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+     1. Redistributions of source code must retain the above copyright notice,
+        this list of conditions and the following disclaimer.
+
+     2. Redistributions in binary form must reproduce the above copyright
+        notice, this list of conditions and the following disclaimer in the
+        documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+                                                                              */
+/* ========================================================================== */
+        ]]>
+        </copyright>
+    <description>Describe your package here</description>
+    <requirements>Describe your package requirements here</requirements>
+    <faq>Currently there are no FAQ items provided.</faq>
+	<name>Snort</name>
+	<version>2.8.4.1_5</version>
+	<title>Services: Snort 2.8.4.1_5 pkg v. 1.7</title>
+	<include_file>/usr/local/pkg/snort.inc</include_file>
+	<menu>
+		<name>Snort</name>
+		<tooltiptext>Setup snort specific settings</tooltiptext>
+		<section>Services</section>
+		<url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
+	</menu>
+	<service>
+		<name>snort</name>
+		<rcfile>snort.sh</rcfile>
+		<executable>snort</executable>
+		<description>Snort is the most widely deployed IDS/IPS technology worldwide..</description>
+	</service>
+	<tabs>
+		<tab>
+			<text>Settings</text>
+			<url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
+			<active/>
+		</tab>
+		<tab>
+			<text>Update Rules</text>
+			<url>/snort_download_rules.php</url>
+		</tab>
+		<tab>
+			<text>Categories</text>
+			<url>/snort_rulesets.php</url>
+		</tab>
+		<tab>
+			<text>Rules</text>
+			<url>/snort_rules.php</url>
+		</tab>
+		<tab>
+			<text>Servers</text>
+			<url>/pkg_edit.php?xml=snort_define_servers.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Blocked</text>
+			<url>/snort_blocked.php</url>
+		</tab>
+		<tab>
+			<text>Whitelist</text>
+			<url>/pkg.php?xml=snort_whitelist.xml</url>
+		</tab>
+		<tab>
+			<text>Threshold</text>
+			<url>/pkg.php?xml=snort_threshold.xml</url>
+		</tab>
+		<tab>
+			<text>Alerts</text>
+			<url>/snort_alerts.php</url>
+		</tab>
+		<tab>
+			<text>Advanced</text>
+			<url>/pkg_edit.php?xml=snort_advanced.xml&amp;id=0</url>
+		</tab>
+	</tabs>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort.inc</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/bin/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/bin/barnyard2</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/bin/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/bin/oinkmaster_contrib/create-sidmap.pl</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/bin/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/bin/oinkmaster_contrib/oinkmaster.pl</item>
+	</additional_files_needed>	
+	<additional_files_needed>
+		<prefix>/usr/local/www/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_download_rules.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/www/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_rules.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/www/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_rules_edit.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/www/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_rulesets.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_whitelist.xml</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/www/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_blocked.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_check_for_rule_updates.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/www/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_alerts.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/pf/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_dynamic_ip_reload.php</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_advanced.xml</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_define_servers.xml</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/snort_threshold.xml</item>
+	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/pkg/</prefix>
+		<chmod>077</chmod>
+		<item>http://www.pfsense.com/packages/config/snort-old/pfsense_rules/local.rules</item>
+	</additional_files_needed>
+	<fields>
+		<field>
+			<fielddescr>Interface</fielddescr>
+			<fieldname>iface_array</fieldname>
+			<description>Select the interface(s) Snort will listen on.</description>
+			<type>interfaces_selection</type>
+			<size>3</size>
+			<value>lan</value>
+			<multiple>true</multiple>
+		</field>
+		<field>
+			<fielddescr>Memory Performance</fielddescr>
+			<fieldname>performance</fieldname>
+			<description>Lowmem and ac-bnfa are recommended for low end systems, Ac: high memory, best performance, ac-std: moderate memory,high performance, acs: small memory, moderateperformance, ac-banded: small memory,moderate performance, ac-sparsebands: small memory, high performance.</description>
+			<type>select</type>
+			<options>
+				<option>
+					<name>ac-bnfa</name>
+					<value>ac-bnfa</value>
+				</option>
+				<option>
+					<name>lowmem</name>
+					<value>lowmem</value>
+				</option>
+				<option>
+					<name>ac-std</name>
+					<value>ac-std</value>
+				</option>
+				<option>
+					<name>ac</name>
+					<value>ac</value>
+				</option>
+				<option>
+					<name>ac-banded</name>
+					<value>ac-banded</value>
+				</option>
+				<option>
+					<name>ac-sparsebands</name>
+					<value>ac-sparsebands</value>
+				</option>
+				<option>
+					<name>acs</name>
+					<value>acs</value>
+				</option>
+			</options>
+		</field>
+		<field>
+			<fielddescr>Oinkmaster code</fielddescr>
+			<fieldname>oinkmastercode</fieldname>
+			<description>Obtain a snort.org Oinkmaster code and paste here.</description>
+			<type>input</type>
+			<size>60</size>
+			<value></value>
+		</field>
+		<field>
+			<fielddescr>Snort.org subscriber</fielddescr>
+			<fieldname>subscriber</fieldname>
+			<description>Check this box if you are a Snort.org subscriber (premium rules).</description>
+			<type>checkbox</type>
+			<size>60</size>
+		</field>
+		<field>
+			<fielddescr>Block offenders</fielddescr>
+			<fieldname>blockoffenders7</fieldname>
+			<description>Checking this option will automatically block hosts that generate a snort alert.</description>
+			<type>checkbox</type>
+			<size>60</size>
+		</field>
+		<field>
+			<fielddescr>Remove blocked hosts every</fielddescr>
+			<fieldname>rm_blocked</fieldname>
+			<description>Please select the amount of time hosts are blocked</description>
+			<type>select</type>
+			<options>
+				<option>
+					<name>never</name>
+					<value>never_b</value>
+				</option>
+				<option>
+					<name>1 hour</name>
+					<value>1h_b</value>
+				</option>
+				<option>
+					<name>3 hours</name>
+					<value>3h_b</value>
+				</option>
+				<option>
+					<name>6 hours</name>
+					<value>6h_b</value>
+				</option>
+				<option>
+					<name>12 hours</name>
+					<value>12h_b</value>
+				</option>
+				<option>
+					<name>1 day</name>
+					<value>1d_b</value>
+				</option>
+				<option>
+					<name>4 days</name>
+					<value>4d_b</value>
+				</option>
+				<option>
+					<name>7 days</name>
+					<value>7d_b</value>
+				</option>
+				<option>
+					<name>28 days</name>
+					<value>28d_b</value>
+				</option>
+			</options>
+		</field>
+		<field>
+		</field>
+		<field>
+			<fielddescr>Update rules automatically</fielddescr>
+			<fieldname>autorulesupdate7</fieldname>
+			<description>Please select the update times for rules.</description>
+			<type>select</type>
+			<options>
+				<option>
+					<name>never</name>
+					<value>never_up</value>
+				</option>
+				<option>
+					<name>6 hours</name>
+					<value>6h_up</value>
+				</option>
+				<option>
+					<name>12 hours</name>
+					<value>12h_up</value>
+				</option>
+				<option>
+					<name>1 day</name>
+					<value>1d_up</value>
+				</option>
+				<option>
+					<name>4 days</name>
+					<value>4d_up</value>
+				</option>
+				<option>
+					<name>7 days</name>
+					<value>7d_up</value>
+				</option>
+				<option>
+					<name>28 days</name>
+					<value>28d_up</value>
+				</option>
+			</options>
+		</field>
+		<field>
+			<fielddescr>Whitelist VPNs automatically</fielddescr>
+			<fieldname>whitelistvpns</fieldname>
+			<description>Checking this option will install whitelists for all VPNs.</description>
+			<type>checkbox</type>
+		</field>
+		<field>
+			<fielddescr>Convert Snort alerts urls to clickable links</fielddescr>
+			<fieldname>clickablalerteurls</fieldname>
+			<description>Checking this option will automatically convert URLs in the Snort alerts tab to clickable links.</description>
+			<type>checkbox</type>
+		</field>
+		<field>
+			<fielddescr>Associate events on Blocked tab</fielddescr>
+			<fieldname>associatealertip</fieldname>
+			<description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description>
+			<type>checkbox</type>
+		</field>
+		<field>
+			<fielddescr>Install emergingthreats rules.</fielddescr>
+			<fieldname>emergingthreats</fieldname>
+			<description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description>
+			<type>checkbox</type>
+		</field>
+    </fields>
+	<custom_php_resync_config_command>
+		sync_package_snort();
+	</custom_php_resync_config_command>
+	<custom_add_php_command>
+	</custom_add_php_command>
+    <custom_php_install_command>
+		sync_package_snort_reinstall();
+    </custom_php_install_command>
+	<custom_php_deinstall_command>
+		snort_deinstall();
+	</custom_php_deinstall_command>
+</packagegui>