authorrobiscool <robrob2626@yahoo.com>2009-10-04 11:27:37 -0700
committerrobiscool <robrob2626@yahoo.com>2009-10-04 11:28:19 -0700
commit320b8afa9bed3998aa04e51c77733c48466250c9 (patch)
tree037433232266988f649ae12f4d6c09d9fc2d0829 /config/snort
parent55b8ddb898dd4bd9bcc5fccdb015c819e166421a (diff)
snort stable snort dev, fix misc
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc16
-rw-r--r--config/snort/snort_check_for_rule_updates.php7
-rw-r--r--config/snort/snort_download_rules.php8
3 files changed, 13 insertions, 18 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index a5e2425b..7320db00 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -78,13 +78,15 @@ function sync_package_snort()
exec("/bin/mkdir -p /usr/local/etc/snort");
exec("/bin/mkdir -p /var/log/snort");
exec("/bin/mkdir -p /usr/local/etc/snort/rules");
- exec("/bin/cp /usr/local/etc/snort/unicode.map-sample /usr/local/etc/snort/unicode.map");
- exec("/bin/cp /usr/local/etc/snort/classification.config-sample /usr/local/etc/snort/classification.config");
- exec("/bin/cp /usr/local/etc/snort/generators-sample /usr/local/etc/snort/generators");
- exec("/bin/cp /usr/local/etc/snort/reference.config-sample /usr/local/etc/snort/reference.config");
- exec("/bin/cp /usr/local/etc/snort/sid-msg.map-sample /usr/local/etc/snort/sid-msg.map");
- exec("/bin/cp /usr/local/etc/snort/sid-sample /usr/local/etc/snort/sid");
- exec("/bin/cp /usr/local/etc/snort/unicode.map-sample /usr/local/etc/snort/unicode.map");
+ exec("/bin/rm /usr/local/etc/snort/snort.conf-sample");
+ exec("/bin/rm /usr/local/etc/snort/threshold.conf-sample");
+ exec("/bin/rm /usr/local/etc/snort/sid-msg.map-sample");
+ exec("/bin/rm /usr/local/etc/snort/unicode.map-sample");
+ exec("/bin/rm /usr/local/etc/snort/classification.config-sample");
+ exec("/bin/rm /usr/local/etc/snort/generators-sample");
+ exec("/bin/rm /usr/local/etc/snort/reference.config-sample");
+ exec("/bin/rm /usr/local/etc/snort/gen-msg.map-sample");
+ exec("/bin/rm /usr/local/etc/snort/sid");
exec("/bin/rm -f /usr/local/etc/rc.d/snort");
$first = 0;
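Review bot: The last added `rm` line deletes `/usr/local/etc/snort/sid`, the live file, while every other added line deletes a `-sample` file; the removed code produced `sid` from `sid-sample`, and the update scripts in this commit still copy `{$snortdir}/sid`, so this may be a typo for `exec("/bin/rm -f /usr/local/etc/snort/sid-sample");` (the value of `$snortdir` is set outside the hunks, so this is inferred). The new `rm` calls also omit `-f`, unlike the `rc.d/snort` line right after them, so every sync after the first runs `rm` on files that no longer exist and the exit status is ignored. With the `cp` lines gone, nothing visible here creates `classification.config`, `reference.config` or `unicode.map`; confirm that another step installs them before Snort is started, because a sensor that cannot load its configuration leaves the interface unmonitored. sync_package_snort() continues outside the hunk.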
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index f21e34c0..95adbaa6 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -562,7 +562,7 @@ if (file_exists("/usr/local/lib/snort/dynamicrules/lib_sfdynamic_example_rule.so
echo "Updating Alert Messages...\n";
echo "Please Wait...\n";
sleep(2);
-exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/gen-msg.map");
+exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/sid-msg.map");
/* Run oinkmaster to snort_wan and cp configs */
/* If oinkmaster is not needed cp rules normally */
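Review bot: The shell redirect on the changed `create-sidmap.pl` line truncates `sid-msg.map` before the script has produced anything, and the exit status of `exec()` is discarded, so a failed run leaves an empty map in place; if `$snortdir` is the `snort_bkup` directory, the later `cp` lines then push that empty map to the running sensor. Write to a temporary file and move it into place only on success: `exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/sid-msg.map.tmp", $out, $rc);` then `if ($rc == 0) { rename("/usr/local/etc/snort_bkup/sid-msg.map.tmp", "/usr/local/etc/snort_bkup/sid-msg.map"); }`. The identical line changed in snort_download_rules.php needs the same treatment.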
@@ -580,21 +580,18 @@ echo "May take a while...\n";
exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}");
exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}");
} else {
echo "Your enable and disable changes are being applied to your fresh set of rules...\n";
echo "May take a while...\n";
+ exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/");
exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}");
exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}");
exec("/bin/cp {$snortdir}/generators {$snortdir_wan}");
exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}");
exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}");
/* oinkmaster.pl will convert saved changes for the new updates then we have to change #alert to # alert for the gui */
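Review bot: The added `exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/");` in the else branch ignores its exit status, so when the destination `rules/` directory is missing or the glob matches nothing the script carries on and the sensor keeps stale rules, or none, with no message to the operator. Capture the status and report it, for example `exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/", $out, $rc);` followed by `if ($rc != 0) { echo "Copying rules to {$snortdir_wan}/rules/ failed\n"; }`. Both paths are interpolated into a shell string unquoted; they are assigned outside the hunk, and if either can come from package configuration it should go through `escapeshellarg()` with the `/rules/*` suffix appended outside the quotes. The same line is added in snort_download_rules.php, and the if/else it sits in starts and ends outside the hunk.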
diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php
index 5e2b9888..133f2d2a 100644
--- a/config/snort/snort_download_rules.php
+++ b/config/snort/snort_download_rules.php
@@ -680,7 +680,7 @@ if (file_exists("/usr/local/lib/snort/dynamicrules/lib_sfdynamic_example_rule.so
/* create a msg-map for snort */
update_status(gettext("Updating Alert Messages..."));
update_output_window(gettext("Please Wait..."));
-exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/gen-msg.map");
+exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/sid-msg.map");
/* Run oinkmaster to snort_wan and cp configs */
/* If oinkmaster is not needed cp rules normally */
@@ -697,22 +697,18 @@ if ($snort_md5_check_ok != on || $emerg_md5_check_chk_ok != on || $pfsense_md5_c
exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}");
exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}");
} else {
update_status(gettext("Your enable and disable changes are being applied to your fresh set of rules..."));
update_output_window(gettext("May take a while..."));
-
+ exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/");
exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}");
exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}");
exec("/bin/cp {$snortdir}/generators {$snortdir_wan}");
exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid {$snortdir_wan}");
exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}");
-// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}");
exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}");
/* oinkmaster.pl will convert saved changes for the new updates then we have to change #alert to # alert for the gui */