aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2012-06-12 09:33:42 +0000
committerErmal <eri@pfsense.org>2012-06-12 09:33:42 +0000
commit18a1c9965b1d6ce92a07a36e56d5ebdf7554323b (patch)
tree1077ed049f0073ab8799bf48e813100b1b384cf2 /config/snort
parent60729223ea389e89e0c840378d80121beef68ce9 (diff)
downloadpfsense-packages-18a1c9965b1d6ce92a07a36e56d5ebdf7554323b.tar.gz
pfsense-packages-18a1c9965b1d6ce92a07a36e56d5ebdf7554323b.tar.bz2
pfsense-packages-18a1c9965b1d6ce92a07a36e56d5ebdf7554323b.zip
Centralize the snort update tarball and use 2922 file for rules.
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort.inc1
-rw-r--r--config/snort/snort_check_for_rule_updates.php16
-rw-r--r--config/snort/snort_download_rules.php33
-rw-r--r--config/snort/snort_download_updates.php34
4 files changed, 24 insertions, 60 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index a5d9ea90..8fb0310f 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -38,6 +38,7 @@ require_once("filter.inc");
/* package version */
$snort_package_version = 'Snort 2.9.1 pkg v. 2.1.1';
+$snort_rules_file = "snortrules-snapshot-2922.tar.gz";
/* Allow additional execution time 0 = no limit. */
ini_set('max_execution_time', '9999');
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 5043a624..41995e9d 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -40,8 +40,8 @@ $pkg_interface = "console";
$tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up";
$snortdir = "/usr/local/etc/snort";
$snortdir_wan = "/usr/local/etc/snort";
-$snort_filename_md5 = "snortrules-snapshot-2905.tar.gz.md5";
-$snort_filename = "snortrules-snapshot-2905.tar.gz";
+$snort_filename_md5 = "{$snort_rules_file}.md5";
+$snort_filename = "{$snort_rules_file}";
$emergingthreats_filename_md5 = "emerging.rules.tar.gz.md5";
$emergingthreats_filename = "emerging.rules.tar.gz";
$pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5";
@@ -64,31 +64,23 @@ $snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
if ($snortdownload == 'off' && $emergingthreats != 'on')
-{
$snort_emrging_info = 'stop';
-}
if ($oinkid == "" && $snortdownload != 'off')
-{
$snort_oinkid_info = 'stop';
-}
-
/* check if main rule directory is empty */
$if_mrule_dir = "/usr/local/etc/snort/rules";
$mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full';
-
-if (file_exists('/var/run/snort.conf.dirty')) {
+if (file_exists('/var/run/snort.conf.dirty'))
$snort_dirty_d = 'stop';
-}
/* Start of code */
conf_mount_rw();
-if (!is_dir('/usr/local/etc/snort/tmp')) {
+if (!is_dir('/usr/local/etc/snort/tmp'))
exec('/bin/mkdir -p /usr/local/etc/snort/tmp');
-}
$snort_md5_check_ok = 'off';
$emerg_md5_check_ok = 'off';
diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php
index 1056c337..238a61d8 100644
--- a/config/snort/snort_download_rules.php
+++ b/config/snort/snort_download_rules.php
@@ -29,27 +29,26 @@
*/
/* Setup enviroment */
-
-/* TODO: review if include files are needed */
require_once("guiconfig.inc");
require_once("functions.inc");
require_once("service-utils.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+if ($_GET['return']) {
+ header("Location: /snort/snort_download_updates.php");
+ exit;
+}
+
$tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up";
$snortdir = "/usr/local/etc/snort";
$snortdir_wan = "/usr/local/etc/snort";
-$snort_filename_md5 = "snortrules-snapshot-2905.tar.gz.md5";
-$snort_filename = "snortrules-snapshot-2905.tar.gz";
+$snort_filename_md5 = "{$snort_rules_file}.md5";
+$snort_filename = "{$snort_rules_file}";
$emergingthreats_filename_md5 = "emerging.rules.tar.gz.md5";
$emergingthreats_filename = "emerging.rules.tar.gz";
$pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5";
$pfsense_rules_filename = "pfsense_rules.tar.gz";
-$id = $_GET['id'];
-if (isset($_POST['id']))
- $id = $_POST['id'];
-
/* Time stamps define */
$last_md5_download = $config['installedpackages']['snortglobal']['last_md5_download'];
$last_rules_install = $config['installedpackages']['snortglobal']['last_rules_install'];
@@ -60,29 +59,21 @@ $snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
if ($snortdownload == 'off' && $emergingthreats != 'on')
-{
$snort_emrging_info = 'stop';
-}
if ($oinkid == "" && $snortdownload != 'off')
-{
$snort_oinkid_info = 'stop';
-}
-
/* check if main rule directory is empty */
$if_mrule_dir = "/usr/local/etc/snort/rules";
$mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full';
-
-if (file_exists('/var/run/snort.conf.dirty')) {
+if (file_exists('/var/run/snort.conf.dirty'))
$snort_dirty_d = 'stop';
-}
$pgtitle = "Services: Snort: Update Rules";
include("head.inc");
-
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
@@ -90,7 +81,7 @@ include("head.inc");
<?php include("fbegin.inc"); ?>
<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-<form action="/snort/snort_testing.php" method="post">
+<form action="/snort/snort_download_updates.php" method="GET">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
@@ -121,10 +112,9 @@ include("head.inc");
</div>
</td>
</tr>
-<tr><td><a href="/snort/snort_download_updates.php"><input type="button" Value="Return"></a></td></tr>
+<tr><td><input type="submit" Value="Return"></td></tr>
</table>
</form>
-
<?php include("fend.inc");?>
</body>
</html>
@@ -133,9 +123,8 @@ include("head.inc");
/* Start of code */
conf_mount_rw();
-if (!is_dir('/usr/local/etc/snort/tmp')) {
+if (!is_dir('/usr/local/etc/snort/tmp'))
exec('/bin/mkdir -p /usr/local/etc/snort/tmp');
-}
$snort_md5_check_ok = 'off';
$emerg_md5_check_ok = 'off';
diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php
index ebde5729..e902cd64 100644
--- a/config/snort/snort_download_updates.php
+++ b/config/snort/snort_download_updates.php
@@ -44,26 +44,17 @@ $snort_load_jquery_colorbox = 'yes';
/* quick md5s chk */
-if(file_exists('/usr/local/etc/snort/snortrules-snapshot-2905.tar.gz.md5'))
-{
- $snort_org_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/snortrules-snapshot-2905.tar.gz.md5');
-}else{
- $snort_org_sig_chk_local = 'N/A';
-}
+$snort_org_sig_chk_local = 'N/A';
+if (file_exists("/usr/local/etc/snort/{$snort_rules_file}.md5"))
+ $snort_org_sig_chk_local = exec("/bin/cat /usr/local/etc/snort/{$snort_rules_file}.md5");
+$emergingt_net_sig_chk_local = 'N/A';
if(file_exists('/usr/local/etc/snort/emerging.rules.tar.gz.md5'))
-{
$emergingt_net_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/emerging.rules.tar.gz.md5');
-}else{
- $emergingt_net_sig_chk_local = 'N/A';
-}
+$pfsense_org_sig_chk_local = 'N/A';
if(file_exists('/usr/local/etc/snort/pfsense_rules.tar.gz.md5'))
-{
$pfsense_org_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/pfsense_rules.tar.gz.md5');
-}else{
- $pfsense_org_sig_chk_local = 'N/A';
-}
/* define checks */
$oinkid = $config['installedpackages']['snortglobal']['oinkmastercode'];
@@ -71,31 +62,22 @@ $snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
if ($snortdownload != 'on' && $emergingthreats != 'on')
-{
$snort_emrging_info = 'stop';
-}
if ($oinkid == '' && $snortdownload != 'off')
-{
$snort_oinkid_info = 'stop';
-}
-if ($snort_emrging_info == 'stop' || $snort_oinkid_info == 'stop') {
+if ($snort_emrging_info == 'stop' || $snort_oinkid_info == 'stop')
$error_stop = 'true';
-}
-
/* check if main rule directory is empty */
$if_mrule_dir = "/usr/local/etc/snort/rules";
$mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full';
/* check for logfile */
-if(file_exists('/usr/local/etc/snort/snort_update.log'))
-{
+$update_logfile_chk = 'no';
+if (file_exists('/usr/local/etc/snort/snort_update.log'))
$update_logfile_chk = 'yes';
-}else{
- $update_logfile_chk = 'no';
-}
header("snort_help_info.php");
header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" );