aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorrobiscool <robrob2626@yahoo.com>2010-07-29 19:58:32 -0700
committerrobiscool <robrob2626@yahoo.com>2010-07-29 19:58:32 -0700
commitfe6e3540fc404058b664b19fb7c0303c1b528f4a (patch)
tree2b805889b561ea7bb3365db260d4bd4226506296 /config/snort
parentda4d711d261d0c3c5c3d7831dad4cb301b2ec102 (diff)
downloadpfsense-packages-fe6e3540fc404058b664b19fb7c0303c1b528f4a.tar.gz
pfsense-packages-fe6e3540fc404058b664b19fb7c0303c1b528f4a.tar.bz2
pfsense-packages-fe6e3540fc404058b664b19fb7c0303c1b528f4a.zip
snort, update download and auto download rule sscript, change gen settings
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_check_for_rule_updates.php339
-rw-r--r--config/snort/snort_download_rules.php79
-rw-r--r--config/snort/snort_interfaces.php2
-rw-r--r--config/snort/snort_interfaces_global.php52
4 files changed, 234 insertions, 238 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 9bc2d5b8..31cdc42d 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -29,49 +29,15 @@
*/
/* Setup enviroment */
-$tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up";
-$snortdir = "/usr/local/etc/snort";
-$snortdir_wan = "/usr/local/etc/snort";
-$snort_filename_md5 = "snortrules-snapshot-2.8.tar.gz.md5";
-$snort_filename = "snortrules-snapshot-2.8.tar.gz";
-$emergingthreats_filename_md5 = "version.txt";
-$emergingthreats_filename = "emerging.rules.tar.gz";
-$pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5";
-$pfsense_rules_filename = "pfsense_rules.tar.gz";
+/* TODO: review if include files are needed */
require_once("globals.inc");
+require_once("functions.inc");
+require_once("service-utils.inc");
require_once("/usr/local/pkg/snort/snort.inc");
//////////////////////////////
-
-function download_file_with_progress_bar2($url_file, $destination_file) {
- global $ch, $fout, $file_size, $downloaded, $pkg_interface;
- $file_size = 1;
- $downloaded = 1;
- /* open destination file */
- $fout = fopen($destination_file, "wb");
-
- /*
- * Originally by Author: Keyvan Minoukadeh
- * Modified by Scott Ullrich to return Content-Length size
- */
-
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url_file);
- curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header2');
- curl_setopt($ch, CURLOPT_WRITEFUNCTION, 'read_body2');
- curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
- curl_setopt($ch, CURLOPT_TIMEOUT, 0);
-
- curl_exec($ch);
- $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
- if($fout)
- fclose($fout);
- curl_close($ch);
- return ($http_code == 200) ? true : $http_code;
-}
-
function read_header2($ch, $string) {
global $file_size, $fout;
$length = strlen($string);
@@ -107,14 +73,80 @@ function read_body2($ch, $string) {
return $length;
}
+////////////////////////////////>>>>>>>>>>
+
+function read_body_firmware($ch, $string) {
+ global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version;
+ $length = strlen($string);
+ $downloaded += intval($length);
+ $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
+ $downloadProgress = 100 - $downloadProgress;
+ $a = $file_size;
+ $b = $downloaded;
+ $c = $downloadProgress;
+ $text = " Snort download in progress\\n";
+ $text .= "----------------------------------------------------\\n";
+ $text .= " Downloaded : {$b}\\n";
+ $text .= "----------------------------------------------------\\n";
+ $counter++;
+ if($counter > 150) {
+ update_output_window($text);
+ update_progress_bar($downloadProgress);
+ flush();
+ $counter = 0;
+ }
+ fwrite($fout, $string);
+ return $length;
+}
+
+function download_file_with_progress_bar2($url_file, $destination_file, $readbody = 'read_body') {
+ global $ch, $fout, $file_size, $downloaded;
+ $file_size = 1;
+ $downloaded = 1;
+ /* open destination file */
+ $fout = fopen($destination_file, "wb");
+
+ /*
+ * Originally by Author: Keyvan Minoukadeh
+ * Modified by Scott Ullrich to return Content-Length size
+ */
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $url_file);
+ curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
+ curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
+ curl_setopt($ch, CURLOPT_TIMEOUT, 0);
+
+ curl_exec($ch);
+ $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+ if($fout)
+ fclose($fout);
+ curl_close($ch);
+ return ($http_code == 200) ? true : $http_code;
+}
+
//////////////////////////////
+$tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up";
+$snortdir = "/usr/local/etc/snort";
+$snortdir_wan = "/usr/local/etc/snort";
+$snort_filename_md5 = "snortrules-snapshot-2860.tar.gz.md5";
+$snort_filename = "snortrules-snapshot-2860.tar.gz";
+$emergingthreats_filename_md5 = "version.txt";
+$emergingthreats_filename = "emerging.rules.tar.gz";
+$pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5";
+$pfsense_rules_filename = "pfsense_rules.tar.gz";
+
/* define checks */
$oinkid = $config['installedpackages']['snortglobal']['oinkmastercode'];
$snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
-if ($oinkid == "" && $snortdownload != "off")
+if ($oinkid == '' && $snortdownload == 'on')
{
echo "You must obtain an oinkid from snort.org and set its value in the Snort settings tab.\n";
exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'You must obtain an oinkid from snort.org and set its value in the Snort settings tab.'");
@@ -150,7 +182,7 @@ if (!file_exists('/usr/local/etc/snort/tmp')) {
/* Set user agent to Mozilla */
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
-ini_set("memory_limit","125M");
+ini_set("memory_limit","150M");
/* mark the time update started */
$config['installedpackages']['snortglobal']['last_md5_download'] = date("Y-M-jS-h:i-A");
@@ -159,28 +191,13 @@ $config['installedpackages']['snortglobal']['last_md5_download'] = date("Y-M-jS-
ob_flush();
conf_mount_rw();
-$premium_subscriber_chk = $config['installedpackages']['snortglobal']['snortdownload'];
-
-if ($premium_subscriber_chk == "premium") {
- $premium_subscriber = "_s";
-}else{
- $premium_subscriber = "";
-}
-
-$premium_url_chk = $config['installedpackages']['snortglobal']['snortdownload'];
-if ($premium_url_chk == "premium") {
- $premium_url = "sub-rules";
-}else{
- $premium_url = "reg-rules";
-}
-
/* send current buffer */
ob_flush();
conf_mount_rw();
/* remove old $tmpfname files */
if (file_exists("{$tmpfname}")) {
- echo "Removing old tmp files...\n";
+ echo 'Removing old tmp files...' . "\n";
exec("/bin/rm -r {$tmpfname}");
apc_clear_cache();
}
@@ -197,63 +214,62 @@ conf_mount_rw();
/* If tmp dir does not exist create it */
if (file_exists($tmpfname)) {
- echo "The directory tmp exists...\n";
+ echo 'The directory tmp exists...' . "\n";
} else {
mkdir("{$tmpfname}", 700);
}
/* download md5 sig from snort.org */
-if ($snortdownload == "basic" || $snortdownload == "premium")
+if ($snortdownload == 'on')
{
if (file_exists("{$tmpfname}/{$snort_filename_md5}") &&
filesize("{$tmpfname}/{$snort_filename_md5}") > 0) {
- echo "snort.org md5 temp file exists...\n";
+ echo 'snort.org md5 temp file exists...' . "\n";
} else {
- echo "Downloading snort.org md5 file...\n";
+ echo 'Downloading snort.org md5 file...' . "\n";
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
- $image = @file_get_contents("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2860{$premium_subscriber}.tar.gz.md5?oink_code={$oinkid}");
-// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz.md5");
- $f = fopen("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5", 'w');
+ $image = @file_get_contents("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename_md5}");
+ $f = fopen("{$tmpfname}/{$snort_filename_md5}", 'w');
fwrite($f, $image);
fclose($f);
- echo "Done downloading snort.org md5\n";
+ echo 'Done downloading snort.org md5' . "\n";
}
}
/* download md5 sig from emergingthreats.net */
if ($emergingthreats == "on")
{
- echo "Downloading emergingthreats md5 file...\n";
+ echo 'Downloading emergingthreats md5 file...' . "\n";
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
$image = @file_get_contents("http://www.emergingthreats.net/version.txt");
// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/version.txt");
$f = fopen("{$tmpfname}/version.txt", 'w');
fwrite($f, $image);
fclose($f);
- echo "Done downloading emergingthreats md5\n";
+ echo 'Done downloading emergingthreats md5' . "\n";
}
/* download md5 sig from pfsense.org */
if (file_exists("{$tmpfname}/{$pfsense_rules_filename_md5}")) {
- echo "pfsense md5 temp file exists...\n";
+ echo 'Pfsense md5 temp file exists...' . "\n";
} else {
- echo "Downloading pfsense md5 file...\n";
+ echo 'Downloading pfsense md5 file...' . "\n";
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
$image = @file_get_contents("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz.md5");
// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/pfsense_rules.tar.gz.md5");
$f = fopen("{$tmpfname}/pfsense_rules.tar.gz.md5", 'w');
fwrite($f, $image);
fclose($f);
- echo "Done downloading pfsense md5.\n";
+ echo 'Done downloading pfsense md5.' . "\n";
}
/* If md5 file is empty wait 15min exit */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
- if (0 == filesize("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5"))
+ if (0 == filesize("{$tmpfname}/{$snort_filename_md5}"))
{
- echo "Please wait... You may only check for New Rules every 15 minutes...\n";
- echo "Rules are released every month from snort.org. You may download the Rules at any time.\n";
+ echo 'Please wait... You may only check for New Rules every 15 minutes...' . "\n";
+ echo 'Rules are released every month from snort.org. You may download the Rules at any time.' . "\n";
conf_mount_ro();
exit(0);
}
@@ -263,16 +279,16 @@ if ($snortdownload != "off")
/* If pfsense md5 file is empty wait 15min exit */
if (0 == filesize("{$tmpfname}/$pfsense_rules_filename_md5")){
- echo "Please wait... You may only check for New Pfsense Rules every 15 minutes...\n";
- echo "Rules are released to support Pfsense packages.\n";
-conf_mount_ro();
+ echo 'Please wait... You may only check for New Pfsense Rules every 15 minutes...' . "\n";
+ echo 'Rules are released to support Pfsense packages.' . "\n";
+ conf_mount_ro();
exit(0);
}
/* Check if were up to date snort.org */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
- if (file_exists("{$snortdir}/snortrules-snapshot-2.8.tar.gz.md5"))
+ if (file_exists("{$snortdir}/{$snort_filename_md5}"))
{
$md5_check_new_parse = file_get_contents("{$tmpfname}/{$snort_filename_md5}");
$md5_check_new = `/bin/echo "{$md5_check_new_parse}" | /usr/bin/awk '{ print $1 }'`;
@@ -283,9 +299,9 @@ if ($snortdownload != "off")
conf_mount_rw();
if ($md5_check_new == $md5_check_old)
{
- echo "Your rules are up to date...\n";
- echo "You may start Snort now, check update.\n";
- $snort_md5_check_ok = on;
+ echo 'Your rules are up to date...' . "\n";
+ echo 'You may start Snort now, check update.' . "\n";
+ $snort_md5_check_ok = on;
}
}
}
@@ -305,7 +321,7 @@ if ($emergingthreats == "on")
conf_mount_rw();
if ($emerg_md5_check_new == $emerg_md5_check_old)
{
- $emerg_md5_check_ok = on;
+ $emerg_md5_check_ok = on;
}
}
}
@@ -323,48 +339,48 @@ if ($emergingthreats == "on")
conf_mount_rw();
if ($pfsense_md5_check_new == $pfsense_md5_check_old)
{
- $pfsense_md5_check_ok = on;
+ $pfsense_md5_check_ok = on;
}
}
/* Check if were up to date is so, exit */
/* WARNING This code needs constant checks */
-if ($snortdownload != "off" && $emergingthreats != "off")
+if ($snortdownload == 'on' && $emergingthreats == 'on')
{
- if ($snort_md5_check_ok == "on" && $emerg_md5_check_ok == "on")
+ if ($snort_md5_check_ok == 'on' && $emerg_md5_check_ok == 'on')
{
- echo "All your rules are up to date...\n";
- echo "You may start Snort now...\n";
+ echo 'All your rules are up to date...' . "\n";
+ echo 'You may start Snort now...' . "\n";
conf_mount_ro();
exit(0);
}
}
-if ($snortdownload == "on" && $emergingthreats == "off")
+if ($snortdownload == 'on' && $emergingthreats == 'off')
{
- if ($snort_md5_check_ok == "on")
+ if ($snort_md5_check_ok == 'on')
{
- echo "Your snort.org rules are up to date...\n";
- echo "You may start Snort now...\n";
+ echo 'Your snort.org rules are up to date...' . "\n";
+ echo 'You may start Snort now...' . "\n";
conf_mount_ro();
exit(0);
}
}
-if ($snortdownload == "off" && $emergingthreats == "on")
+if ($snortdownload == 'off' && $emergingthreats == 'on')
{
- if ($emerg_md5_check_ok == "on")
+ if ($emerg_md5_check_ok == 'on')
{
- echo "Your Emergingthreats rules are up to date...\n";
- echo "You may start Snort now...\n";
+ echo 'Your Emergingthreats rules are up to date...' . "\n";
+ echo 'You may start Snort now...' . "\n";
conf_mount_ro();
exit(0);
}
}
/* You are Not Up to date, always stop snort when updating rules for low end machines */;
-echo "You are NOT up to date...\n";
-echo "Stopping Snort service...\n";
+echo 'You are NOT up to date...' . "\n";
+echo 'Stopping Snort service...' . "\n";
$chk_if_snort_up = exec("pgrep -x snort");
if ($chk_if_snort_up != "") {
exec("/usr/bin/touch /tmp/snort_download_halt.pid");
@@ -373,21 +389,22 @@ if ($chk_if_snort_up != "") {
}
/* download snortrules file */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
- echo "Snortrule tar file exists...\n";
+ echo 'Snortrule tar file exists...' . "\n";
} else {
- echo "There is a new set of Snort.org rules posted. Downloading...\n";
- echo "May take 4 to 10 min...\n";
- download_file_with_progress_bar2("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2860{$premium_subscriber}.tar.gz?oink_code={$oinkid}", $tmpfname . "/{$snort_filename}");
- echo "Done downloading rules file.\n";
- if (150000 > filesize("{$tmpfname}/{$snort_filename}")){
- echo "Error with the snort rules download...\n";
- echo "Snort rules file downloaded failed...\n";
- conf_mount_ro();
- exit(0);
+ echo 'There is a new set of Snort.org rules posted. Downloading...' . "\n";
+ echo 'May take 4 to 10 min...' . "\n";
+ conf_mount_rw();
+ download_file_with_progress_bar2("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
+ echo 'Done downloading rules file.' . "\n";
+ if (150000 > filesize("{$tmpfname}/$snort_filename")){
+ echo 'Error with the snort rules download...' . "\n";
+ echo 'Snort rules file downloaded failed...' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
}
@@ -400,12 +417,12 @@ if ($emergingthreats == "on")
{
if (file_exists("{$tmpfname}/{$emergingthreats_filename}"))
{
- echo "Emergingthreats tar file exists...\n";
+ echo 'Emergingthreats tar file exists...' . "\n";
}else{
- echo "There is a new set of Emergingthreats rules posted. Downloading...\n";
- echo "May take 4 to 10 min...\n";
- download_file_with_progress_bar2("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}");
- echo "Done downloading Emergingthreats rules file.\n";
+ echo 'There is a new set of Emergingthreats rules posted. Downloading...' . "\n";
+ echo 'May take 4 to 10 min...' . "\n";
+ download_file_with_progress_bar2("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
+ echo 'Done downloading Emergingthreats rules file.' . "\n";
}
}
}
@@ -413,12 +430,12 @@ if ($emergingthreats == "on")
/* download pfsense rules file */
if ($pfsense_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
- echo "Snortrule tar file exists...\n";
+ echo 'Snortrule tar file exists...' . "\n";
} else {
- echo "There is a new set of Pfsense rules posted. Downloading...\n";
- echo "May take 4 to 10 min...\n";
- download_file_with_progress_bar2("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}");
- echo "Done downloading rules file.\n";
+ echo 'There is a new set of Pfsense rules posted. Downloading...' . "\n";
+ echo 'May take 4 to 10 min...' . "\n";
+ download_file_with_progress_bar2("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware");
+ echo 'Done downloading rules file.' . "\n";
}
}
@@ -451,7 +468,7 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
//}
/* Untar snort rules file individually to help people with low system specs */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
@@ -463,8 +480,8 @@ if ($snortdownload != "off")
$freebsd_version_so = 'FreeBSD-8-0';
}
- echo "Extracting Snort.org rules...\n";
- echo "May take a while...\n";
+ echo 'Extracting Snort.org rules...' . "\n";
+ echo 'May take a while...' . "\n";
/* extract snort.org rules and add prefix to all snort.org files*/
exec("/bin/rm -r {$snortdir}/rules");
sleep(2);
@@ -519,10 +536,10 @@ if ($snortdownload != "off")
exec("/bin/mv -f {$snortdir}/etc/* {$snortdir}");
exec("/bin/rm -r {$snortdir}/etc");
- echo "Done extracting Snort.org Rules.\n";
+ echo 'Done extracting Snort.org Rules.' . "\n";
}else{
- echo "Error extracting Snort.org Rules...\n";
- echo "Error Line 453\n";
+ echo 'Error extracting Snort.org Rules...' . "\n";
+ echo 'Error Line 755' . "\n";
conf_mount_ro();
exit(0);
}
@@ -536,8 +553,8 @@ if ($emergingthreats == "on")
{
if (file_exists("{$tmpfname}/{$emergingthreats_filename}"))
{
- echo "Extracting rules...\n";
- echo "May take a while...\n";
+ echo 'Extracting rules...' . "\n";
+ echo 'May take a while...' . "\n";
exec("/usr/bin/tar xzf {$tmpfname}/{$emergingthreats_filename} -C {$snortdir} rules/");
}
}
@@ -546,8 +563,8 @@ if ($emergingthreats == "on")
/* Untar Pfsense rules to tmp */
if ($pfsense_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
- echo "Extracting Pfsense rules...\n";
- echo "May take a while...\n";
+ echo 'Extracting Pfsense rules...' . "\n";
+ echo 'May take a while...' . "\n";
exec("/usr/bin/tar xzf {$tmpfname}/{$pfsense_rules_filename} -C {$snortdir} rules/");
}
}
@@ -557,24 +574,24 @@ if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
$signature_info_chk = $config['installedpackages']['snortglobal']['signatureinfo'];
if ($premium_url_chk == on) {
- echo "Extracting Signatures...\n";
- echo "May take a while...\n";
+ echo 'Extracting Signatures...' . "\n";
+ echo 'May take a while...' . "\n";
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} doc/signatures/");
- echo "Done extracting Signatures.\n";
+ echo 'Done extracting Signatures.' . "\n";
}
}
}
/* Copy md5 sig to snort dir */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/$snort_filename_md5")) {
- echo "Copying md5 sig to snort directory...\n";
+ echo 'Copying md5 sig to snort directory...' . "\n";
exec("/bin/cp {$tmpfname}/$snort_filename_md5 {$snortdir}/$snort_filename_md5");
}else{
- echo "The md5 file does not exist...\n";
- echo "Error copying config...\n";
+ echo 'The md5 file does not exist...' . "\n";
+ echo 'Error copying config...' . "\n";
conf_mount_ro();
exit(0);
}
@@ -588,11 +605,11 @@ if ($emergingthreats == "on")
{
if (file_exists("{$tmpfname}/$emergingthreats_filename_md5"))
{
- echo "Copying md5 sig to snort directory...\n";
+ echo 'Copying md5 sig to snort directory...' . "\n";
exec("/bin/cp {$tmpfname}/$emergingthreats_filename_md5 {$snortdir}/$emergingthreats_filename_md5");
}else{
- echo "The emergingthreats md5 file does not exist...\n";
- echo "Error copying config...\n";
+ echo 'The emergingthreats md5 file does not exist...' . "\n";
+ echo 'Error copying config...' . "\n";
conf_mount_ro();
exit(0);
}
@@ -602,18 +619,19 @@ if ($emergingthreats == "on")
/* Copy Pfsense md5 sig to snort dir */
if ($pfsense_md5_check_ok != on) {
if (file_exists("{$tmpfname}/$pfsense_rules_filename_md5")) {
- echo "Copying Pfsense md5 sig to snort directory...\n";
+ echo 'Copying Pfsense md5 sig to snort directory...' . "\n";
exec("/bin/cp {$tmpfname}/$pfsense_rules_filename_md5 {$snortdir}/$pfsense_rules_filename_md5");
} else {
- echo "The Pfsense md5 file does not exist...\n";
- echo "Error copying config...\n";
+ update_status(gettext(""));
+ echo 'The Pfsense md5 file does not exist...' . "\n";
+ echo 'Error copying config...' . "\n";
conf_mount_ro();
exit(0);
}
}
/* Copy signatures dir to snort dir */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on)
{
@@ -621,14 +639,14 @@ if ($snortdownload != "off")
if ($premium_url_chk == on)
{
if (file_exists("{$snortdir}/doc/signatures")) {
- echo "Copying signatures...\n";
- echo "May take a while...\n";
+ echo 'Copying signatures...' . "\n";
+ echo 'May take a while...' . "\n";
exec("/bin/mv -f {$snortdir}/doc/signatures {$snortdir}/signatures");
exec("/bin/rm -r {$snortdir}/doc/signatures");
- echo "Done copying signatures.\n";
+ echo 'Done copying signatures.' . "\n";
}else{
- echo "Directory signatures exist...\n";
- echo "Error copying signature...\n";
+ echo 'Directory signatures exist...' . "\n";
+ echo 'Error copying signature...' . "\n";
conf_mount_ro();
exit(0);
}
@@ -659,11 +677,10 @@ exec("/usr/local/bin/perl -pi -e 's/##alert/# alert/g' /usr/local/etc/snort/rule
exec("/usr/local/bin/perl -pi -e 's/## alert/# alert/g' /usr/local/etc/snort/rules/*.rules");
/* create a msg-map for snort */
-echo "Updating Alert Messages...\n";
-echo "Please Wait...\n";
+echo 'Updating Alert Messages...' . "\n";
+echo 'Please Wait...' . "\n";
exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort/rules > /usr/local/etc/snort/sid-msg.map");
-
//////////////////
/* open oinkmaster_conf for writing" function */
@@ -736,8 +753,8 @@ function oinkmaster_run($id, $if_real, $iface_uuid)
if ($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'] == '' && $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'] == '')
{
- echo "Your first set of rules are being copied...\n";
- echo "May take a while...\n";
+ echo 'Your first set of rules are being copied...' . "\n";
+ echo 'May take a while...' . "\n";
exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}/rules/");
exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
@@ -747,8 +764,8 @@ function oinkmaster_run($id, $if_real, $iface_uuid)
exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
}else{
- echo "Your enable and disable changes are being applied to your fresh set of rules...\n";
- echo "May take a while...\n";
+ echo 'Your enable and disable changes are being applied to your fresh set of rules...' . "\n";
+ echo 'May take a while...' . "\n";
exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}/rules/");
exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
@@ -797,7 +814,7 @@ $config['installedpackages']['snortglobal']['last_rules_install'] = date("Y-M-jS
/* remove old $tmpfname files */
if (file_exists('/usr/local/etc/snort/tmp'))
{
- echo "Cleaning up...\n";
+ echo 'Cleaning up...' . "\n";
exec("/bin/rm -r /usr/local/etc/snort/tmp/snort_rules_up");
sleep(2);
exec("/bin/rm -r /usr/local/etc/snort/tmp/rules_bk");
@@ -821,17 +838,15 @@ exec("/bin/chmod -R 755 /usr/local/lib/snort");
/* if snort is running hardrestart, if snort is not running do nothing */
if (file_exists("/tmp/snort_download_halt.pid")) {
exec("/bin/sh /usr/local/etc/rc.d/snort.sh start");
- echo "The Rules update finished...\n";
- echo "Snort has restarted with your new set of rules...\n";
+ echo 'The Rules update finished...' . "\n";
+ echo 'Snort has restarted with your new set of rules...' . "\n";
exec("/bin/rm /tmp/snort_download_halt.pid");
} else {
- echo "The Rules update finished...\n";
- echo "You may start snort now...\n";
+ echo 'The Rules update finished...' . "\n";
+ echo 'You may start snort now...' . "\n\n";
}
-/* copy log to snortdir */
-exec('/bin/cp /tmp/snort_update.log /usr/local/etc/snort/snort_update.log');
-
+/* script finnished make system read only again */
conf_mount_ro();
-?>
+?> \ No newline at end of file
diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php
index b299bed8..86640a57 100644
--- a/config/snort/snort_download_rules.php
+++ b/config/snort/snort_download_rules.php
@@ -39,8 +39,8 @@ require_once("/usr/local/pkg/snort/snort.inc");
$tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up";
$snortdir = "/usr/local/etc/snort";
$snortdir_wan = "/usr/local/etc/snort";
-$snort_filename_md5 = "snortrules-snapshot-2.8.tar.gz.md5";
-$snort_filename = "snortrules-snapshot-2.8.tar.gz";
+$snort_filename_md5 = "snortrules-snapshot-2860.tar.gz.md5";
+$snort_filename = "snortrules-snapshot-2860.tar.gz";
$emergingthreats_filename_md5 = "version.txt";
$emergingthreats_filename = "emerging.rules.tar.gz";
$pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5";
@@ -59,15 +59,14 @@ $oinkid = $config['installedpackages']['snortglobal']['oinkmastercode'];
$snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
-
- if ($snortdownload == "off" && $emergingthreats != "on")
+ if ($snortdownload == 'off' && $emergingthreats != 'on')
{
- $snort_emrging_info = "stop";
+ $snort_emrging_info = 'stop';
}
- if ($oinkid == "" && $snortdownload != "off")
+ if ($oinkid == "" && $snortdownload != 'off')
{
- $snort_oinkid_info = "stop";
+ $snort_oinkid_info = 'stop';
}
@@ -324,7 +323,7 @@ if (!file_exists('/usr/local/etc/snort/tmp')) {
/* Set user agent to Mozilla */
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
-ini_set("memory_limit","125M");
+ini_set("memory_limit","150M");
/* mark the time update started */
$config['installedpackages']['snortglobal']['last_md5_download'] = date("Y-M-jS-h:i-A");
@@ -333,21 +332,6 @@ $config['installedpackages']['snortglobal']['last_md5_download'] = date("Y-M-jS-
ob_flush();
conf_mount_rw();
-$premium_subscriber_chk = $config['installedpackages']['snortglobal']['snortdownload'];
-
-if ($premium_subscriber_chk == "premium") {
- $premium_subscriber = "_s";
-}else{
- $premium_subscriber = "";
-}
-
-$premium_url_chk = $config['installedpackages']['snortglobal']['snortdownload'];
-if ($premium_url_chk == "premium") {
- $premium_url = "sub-rules";
-}else{
- $premium_url = "reg-rules";
-}
-
/* hide progress bar */
hide_progress_bar_status();
@@ -382,8 +366,10 @@ if (file_exists($tmpfname)) {
/* unhide progress bar and lets end this party */
unhide_progress_bar_status();
+
+
/* download md5 sig from snort.org */
-if ($snortdownload == "basic" || $snortdownload == "premium")
+if ($snortdownload == 'on')
{
if (file_exists("{$tmpfname}/{$snort_filename_md5}") &&
filesize("{$tmpfname}/{$snort_filename_md5}") > 0) {
@@ -391,9 +377,8 @@ if ($snortdownload == "basic" || $snortdownload == "premium")
} else {
update_status(gettext("Downloading snort.org md5 file..."));
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
- $image = @file_get_contents("http://www.snort.org/{$premium_url}/snortrules-snapshot-2860.tar.gz.md5/{$oinkid}");
-// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz.md5");
- $f = fopen("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5", 'w');
+ $image = @file_get_contents("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename_md5}");
+ $f = fopen("{$tmpfname}/{$snort_filename_md5}", 'w');
fwrite($f, $image);
fclose($f);
update_status(gettext("Done downloading snort.org md5"));
@@ -428,9 +413,9 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename_md5}")) {
}
/* If md5 file is empty wait 15min exit */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
- if (0 == filesize("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5"))
+ if (0 == filesize("{$tmpfname}/{$snort_filename_md5}"))
{
update_status(gettext("Please wait... You may only check for New Rules every 15 minutes..."));
update_output_window(gettext("Rules are released every month from snort.org. You may download the Rules at any time."));
@@ -472,9 +457,9 @@ conf_mount_ro();
}
/* Check if were up to date snort.org */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
- if (file_exists("{$snortdir}/snortrules-snapshot-2.8.tar.gz.md5"))
+ if (file_exists("{$snortdir}/{$snort_filename_md5}"))
{
$md5_check_new_parse = file_get_contents("{$tmpfname}/{$snort_filename_md5}");
$md5_check_new = `/bin/echo "{$md5_check_new_parse}" | /usr/bin/awk '{ print $1 }'`;
@@ -535,9 +520,9 @@ if ($emergingthreats == "on")
/* Check if were up to date is so, exit */
/* WARNING This code needs constant checks */
-if ($snortdownload != "off" && $emergingthreats != "off")
+if ($snortdownload == 'on' && $emergingthreats == 'on')
{
- if ($snort_md5_check_ok == "on" && $emerg_md5_check_ok == "on")
+ if ($snort_md5_check_ok == 'on' && $emerg_md5_check_ok == 'on')
{
update_status(gettext("All your rules are up to date..."));
update_output_window(gettext("You may start Snort now..."));
@@ -554,9 +539,9 @@ if ($snortdownload != "off" && $emergingthreats != "off")
}
}
-if ($snortdownload == "on" && $emergingthreats == "off")
+if ($snortdownload == 'on' && $emergingthreats == 'off')
{
- if ($snort_md5_check_ok == "on")
+ if ($snort_md5_check_ok == 'on')
{
update_status(gettext("Your snort.org rules are up to date..."));
update_output_window(gettext("You may start Snort now..."));
@@ -573,9 +558,9 @@ if ($snortdownload == "on" && $emergingthreats == "off")
}
}
-if ($snortdownload == "off" && $emergingthreats == "on")
+if ($snortdownload == 'off' && $emergingthreats == 'on')
{
- if ($emerg_md5_check_ok == "on")
+ if ($emerg_md5_check_ok == 'on')
{
update_status(gettext("Your Emergingthreats rules are up to date..."));
update_output_window(gettext("You may start Snort now..."));
@@ -603,7 +588,7 @@ if ($chk_if_snort_up != "") {
}
/* download snortrules file */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
@@ -612,12 +597,13 @@ if ($snortdownload != "off")
unhide_progress_bar_status();
update_status(gettext("There is a new set of Snort.org rules posted. Downloading..."));
update_output_window(gettext("May take 4 to 10 min..."));
-// download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz", $tmpfname . "/{$snort_filename}", "read_body_firmware");
- snort_download_file_with_progress_bar("http://www.snort.org/{$premium_url}/snortrules-snapshot-2860.tar.gz/{$oinkid}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
+ conf_mount_rw();
+ snort_download_file_with_progress_bar("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
update_all_status($static_output);
update_status(gettext("Done downloading rules file."));
if (150000 > filesize("{$tmpfname}/$snort_filename")){
update_status(gettext("Error with the snort rules download..."));
+
update_output_window(gettext("Snort rules file downloaded failed..."));
echo '
<script type="text/javascript">
@@ -646,7 +632,7 @@ if ($emergingthreats == "on")
update_status(gettext("There is a new set of Emergingthreats rules posted. Downloading..."));
update_output_window(gettext("May take 4 to 10 min..."));
// download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
- snort_download_file_with_progress_bar("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
+ download_file_with_progress_bar("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
update_all_status($static_output);
update_status(gettext("Done downloading Emergingthreats rules file."));
}
@@ -662,7 +648,7 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
update_status(gettext("There is a new set of Pfsense rules posted. Downloading..."));
update_output_window(gettext("May take 4 to 10 min..."));
// download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware");
- snort_download_file_with_progress_bar("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware");
+ download_file_with_progress_bar("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware");
update_all_status($static_output);
update_status(gettext("Done downloading rules file."));
}
@@ -697,7 +683,7 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
//}
/* Untar snort rules file individually to help people with low system specs */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
@@ -820,7 +806,7 @@ if ($premium_url_chk == on) {
}
/* Copy md5 sig to snort dir */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/$snort_filename_md5")) {
@@ -885,7 +871,7 @@ if (file_exists("{$tmpfname}/$pfsense_rules_filename_md5")) {
}
/* Copy signatures dir to snort dir */
-if ($snortdownload != "off")
+if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on)
{
@@ -1143,9 +1129,7 @@ function read_body_firmware($ch, $string) {
flush();
$counter = 0;
}
- conf_mount_rw();
fwrite($fout, $string);
- conf_mount_ro();
return $length;
}
@@ -1178,7 +1162,6 @@ function snort_download_file_with_progress_bar($url_file, $destination_file, $re
curl_close($ch);
return ($http_code == 200) ? true : $http_code;
}
-
?>
</body>
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index c570f821..24d230d6 100644
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -240,7 +240,7 @@ if ($_GET['act'] == 'toggle' && $_GET['id'] != '')
-$pgtitle = "Services: Snort 2.8.6 pkg v. 1.27";
+$pgtitle = "Services: Snort 2.8.6 pkg v. 1.31";
include("head.inc");
?>
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php
index 24922564..7cc4f3df 100644
--- a/config/snort/snort_interfaces_global.php
+++ b/config/snort/snort_interfaces_global.php
@@ -268,24 +268,25 @@ include("head.inc");
<td class="tabcont">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Please Choose The Type Of Rules You Wish To Download</td>
+ </tr>
<td width="22%" valign="top" class="vncell">Install Snort.org rules</td>
<td width="78%" class="vtable">
<table cellpadding="0" cellspacing="0">
<tr>
- <td colspan="2"><input name="snortdownload" type="radio" id="snortdownload" value="off" onClick="enable_change(false)" <?php if($pconfig['snortdownload']!="premium" && $pconfig['snortdownload']!="basic") echo "checked"; ?>>
- Do <strong>NOT</strong> install</td>
- </tr>
- <tr>
- <td colspan="2"><input name="snortdownload" type="radio" id="snortdownload" value="premium" onClick="enable_change(false)" <?php if($pconfig['snortdownload']=="premium") echo "checked"; ?>>
- Premium rules <a href="http://forum.pfsense.org/index.php/topic,16847.0.html" target="_blank">HIGHLY RECOMMENDED</a></td>
+ <td colspan="2"><input name="snortdownload" type="radio" id="snortdownload" value="off" onClick="enable_change(false)" <?php if($pconfig['snortdownload']=='off' || $pconfig['snortdownload']=='') echo 'checked'; ?>>
+ Do <strong>NOT</strong> Install</td>
</tr>
<tr>
- <td colspan="2"><input name="snortdownload" type="radio" id="snortdownload" value="basic" onClick="enable_change(false)" <?php if($pconfig['snortdownload']=="basic") echo "checked"; ?>>
- Basic Rules</td>
+ <td colspan="2"><input name="snortdownload" type="radio" id="snortdownload" value="on" onClick="enable_change(false)" <?php if($pconfig['snortdownload']=='on') echo 'checked'; ?>>
+ Install Basic Rules or Premium rules <br>
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="https://www.snort.org/signup" target="_blank">Sign Up for a Basic Rule Account</a><br>
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="http://www.snort.org/vrt/buy-a-subscription" target="_blank">Sign Up for Sourcefire VRT Certified Premium Rules. This Is Highly Recommended</a>
+ </td>
</tr>
<tr>
<td>&nbsp;</td>
- <td>&nbsp;</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0">
@@ -305,40 +306,37 @@ include("head.inc");
Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</td>
</tr>
<tr>
- <td width="22%" valign="top" class="vncell">Remove blocked hosts every</td>
+ <td width="22%" valign="top" class="vncell">Update rules automatically</td>
<td width="78%" class="vtable">
- <select name="rm_blocked" class="formfld" id="rm_blocked">
+ <select name="autorulesupdate7" class="formfld" id="autorulesupdate7">
<?php
- $interfaces3 = array('never_b' => 'NEVER', '1h_b' => '1 HOUR', '3h_b' => '3 HOURS', '6h_b' => '6 HOURS', '12h_b' => '12 HOURS', '1d_b' => '1 DAY', '4d_b' => '4 DAYS', '7d_b' => '7 DAYS', '28d_b' => '28 DAYS');
+ $interfaces3 = array('never_up' => 'NEVER', '6h_up' => '6 HOURS', '12h_up' => '12 HOURS', '1d_up' => '1 DAY', '4d_up' => '4 DAYS', '7d_up' => '7 DAYS', '28d_up' => '28 DAYS');
foreach ($interfaces3 as $iface3 => $ifacename3): ?>
- <option value="<?=$iface3;?>" <?php if ($iface3 == $pconfig['rm_blocked']) echo "selected"; ?>>
+ <option value="<?=$iface3;?>" <?php if ($iface3 == $pconfig['autorulesupdate7']) echo "selected"; ?>>
<?=htmlspecialchars($ifacename3);?>
</option>
<?php endforeach; ?>
</select><br>
- <span class="vexpl">Please select the amount of time you would like hosts to be blocked for.<br>
- Hint: in most cases, 1 hour is a good choice.</span></td>
+ <span class="vexpl">Please select the update times for rules.<br>
+ Hint: in most cases, every 12 hours is a good choice.</span></td>
</tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">General Settings</td>
+ </tr>
<tr>
- <td width="22%" valign="top" class="vncell">Update rules automatically</td>
+ <td width="22%" valign="top" class="vncell">Remove blocked hosts every</td>
<td width="78%" class="vtable">
- <select name="autorulesupdate7" class="formfld" id="autorulesupdate7">
+ <select name="rm_blocked" class="formfld" id="rm_blocked">
<?php
- $interfaces3 = array('never_up' => 'NEVER', '6h_up' => '6 HOURS', '12h_up' => '12 HOURS', '1d_up' => '1 DAY', '4d_up' => '4 DAYS', '7d_up' => '7 DAYS', '28d_up' => '28 DAYS');
+ $interfaces3 = array('never_b' => 'NEVER', '1h_b' => '1 HOUR', '3h_b' => '3 HOURS', '6h_b' => '6 HOURS', '12h_b' => '12 HOURS', '1d_b' => '1 DAY', '4d_b' => '4 DAYS', '7d_b' => '7 DAYS', '28d_b' => '28 DAYS');
foreach ($interfaces3 as $iface3 => $ifacename3): ?>
- <option value="<?=$iface3;?>" <?php if ($iface3 == $pconfig['autorulesupdate7']) echo "selected"; ?>>
+ <option value="<?=$iface3;?>" <?php if ($iface3 == $pconfig['rm_blocked']) echo "selected"; ?>>
<?=htmlspecialchars($ifacename3);?>
</option>
<?php endforeach; ?>
</select><br>
- <span class="vexpl">Please select the update times for rules.<br>
- Hint: in most cases, every 12 hours is a good choice.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Whitelist VPNs automatically</td>
- <td width="78%" class="vtable">
- <input name="whitelistvpns" type="checkbox" value="yes" <?php if ($config['installedpackages']['snortglobal']['whitelistvpns'] == "on") echo "checked"; ?> onClick="enable_change(false)"><br>
- Checking this option will install whitelists for all VPNs.</td>
+ <span class="vexpl">Please select the amount of time you would like hosts to be blocked for.<br>
+ Hint: in most cases, 1 hour is a good choice.</span></td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">Alerts file description type</td>