authorrobiscool <robrob2626@yahoo.com>2009-10-06 15:13:43 -0700
committerrobiscool <robrob2626@yahoo.com>2009-10-06 15:13:43 -0700
commita39d18d35f155660bcba150985a330285d6df6cf (patch)
tree2bd40b4b5e3b2ea1cf95fc8cf67553755f3eb874 /config/snort
parent9fa04cd2b2e77a32bee61d5ebb64295ff05b7e8c (diff)
snort snort-dev, do not clear snort2c table on filter reloads, add icmp packets
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc5
-rw-r--r--config/snort/snort.xml4
-rw-r--r--config/snort/snort_dynamic_ip_reload.php6
3 files changed, 7 insertions, 8 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 7320db00..575192b9 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -1184,15 +1184,14 @@ preprocessor frag3_engine: policy first
preprocessor frag3_engine: policy bsd detect_anomalies
preprocessor stream5_global: max_tcp 8192, track_tcp yes, \
-track_udp yes
-# track_icmp yes
+track_udp yes, track_icmp yes
preprocessor stream5_tcp: bind_to any, policy windows
preprocessor stream5_tcp: bind_to any, policy linux
preprocessor stream5_tcp: bind_to any, policy vista
preprocessor stream5_tcp: bind_to any, policy macos
preprocessor stream5_tcp: policy BSD, ports both all, use_static_footprint_sizes
preprocessor stream5_udp
-# preprocessor stream5_icmp
+preprocessor stream5_icmp
##########################
#
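Review bot: Enabling `track_icmp yes` and `preprocessor stream5_icmp` adds ICMP session state with no explicit bound, while the same `stream5_global` line caps TCP with `max_tcp 8192`. On a memory-constrained firewall, ICMP from many sources can grow that table up to the preprocessor's built-in default, so I would cap it on the same line, e.g. `track_udp yes, track_icmp yes, max_icmp <N>` with N sized for the box, and give `preprocessor stream5_icmp` an explicit `timeout`. As far as I recall, the Snort 2.8 documentation described Stream5 ICMP tracking as minimally tested, so confirm that against the bundled version before making it default-on. The enclosing configuration template starts and ends outside the hunk.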
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index 83ac38f0..763f65eb 100644
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -46,8 +46,8 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>Snort</name>
- <version>2.8.4.1_3</version>
- <title>Services: Snort 2.8.4.1_3 pkg v. 1.6</title>
+ <version>2.8.4.1_5</version>
+ <title>Services: Snort 2.8.4.1_5 pkg v. 1.6</title>
<include_file>/usr/local/pkg/snort.inc</include_file>
<menu>
<name>Snort</name>
diff --git a/config/snort/snort_dynamic_ip_reload.php b/config/snort/snort_dynamic_ip_reload.php
index 7933ba16..0fad085b 100644
--- a/config/snort/snort_dynamic_ip_reload.php
+++ b/config/snort/snort_dynamic_ip_reload.php
@@ -3,7 +3,7 @@
/* $Id$ */
/*
snort_dynamic_ip_reload.php
- Copyright (C) 2006 Scott Ullrich
+ Copyright (C) 2006 Scott Ullrich and Robert Zeleya
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -29,6 +29,7 @@
*/
/* NOTE: this file gets included from the pfSense filter.inc plugin process */
+/* NOTE: file location /usr/local/pkg/pf, all files in pf dir get exec on filter reloads */
require_once("/usr/local/pkg/snort.inc");
require_once("service-utils.inc");
@@ -38,12 +39,11 @@ require_once("config.inc");
if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
$config['interfaces']['wan']['ipaddr'] == "dhcp") {
create_snort_conf();
- mwexec("/sbin/pfctl -t snort2c -T flush");
exec("killall -HUP snort");
/* define snortbarnyardlog_chk */
$snortbarnyardlog_info_chk = $config['installedpackages']['snortadvanced']['config'][0]['snortbarnyardlog'];
if ($snortbarnyardlog_info_chk == on)
- exec("/usr/bin/killall barnyard2; /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort -f snort.u2 -w /usr/local/etc/snort/barnyard2.waldo -D -q\n");
+ exec("killall -HUP barnyard2");
}
?> \ No newline at end of file
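Review bot: The new `exec("killall -HUP barnyard2")` only signals a process that is already running, so if barnyard2 has exited, the removed restart line no longer brings it back and alert forwarding stays down silently after a WAN address change. The exit status is also discarded, and the command is now resolved through PATH where the removed line used `/usr/bin/killall`. I would wrap the branch in braces and write `exec("/usr/bin/killall -HUP barnyard2", $out, $rc);` followed by `if ($rc != 0) log_error("snort: barnyard2 was not running on filter reload");`, and confirm that barnyard2 actually re-reads its configuration on SIGHUP. The `exec("killall -HUP snort")` context line above has the same unchecked, PATH-relative pattern.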