diff options
author | Ermal <eri@pfsense.org> | 2012-06-12 09:33:42 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-06-12 09:33:42 +0000 |
commit | 18a1c9965b1d6ce92a07a36e56d5ebdf7554323b (patch) | |
tree | 1077ed049f0073ab8799bf48e813100b1b384cf2 /config/snort | |
parent | 60729223ea389e89e0c840378d80121beef68ce9 (diff) | |
download | pfsense-packages-18a1c9965b1d6ce92a07a36e56d5ebdf7554323b.tar.gz pfsense-packages-18a1c9965b1d6ce92a07a36e56d5ebdf7554323b.tar.bz2 pfsense-packages-18a1c9965b1d6ce92a07a36e56d5ebdf7554323b.zip |
Centralize the snort update tarball and use 2922 file for rules.
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort.inc | 1 | ||||
-rw-r--r-- | config/snort/snort_check_for_rule_updates.php | 16 | ||||
-rw-r--r-- | config/snort/snort_download_rules.php | 33 | ||||
-rw-r--r-- | config/snort/snort_download_updates.php | 34 |
4 files changed, 24 insertions, 60 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index a5d9ea90..8fb0310f 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -38,6 +38,7 @@ require_once("filter.inc"); /* package version */ $snort_package_version = 'Snort 2.9.1 pkg v. 2.1.1'; +$snort_rules_file = "snortrules-snapshot-2922.tar.gz"; /* Allow additional execution time 0 = no limit. */ ini_set('max_execution_time', '9999'); diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index 5043a624..41995e9d 100644 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -40,8 +40,8 @@ $pkg_interface = "console"; $tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up"; $snortdir = "/usr/local/etc/snort"; $snortdir_wan = "/usr/local/etc/snort"; -$snort_filename_md5 = "snortrules-snapshot-2905.tar.gz.md5"; -$snort_filename = "snortrules-snapshot-2905.tar.gz"; +$snort_filename_md5 = "{$snort_rules_file}.md5"; +$snort_filename = "{$snort_rules_file}"; $emergingthreats_filename_md5 = "emerging.rules.tar.gz.md5"; $emergingthreats_filename = "emerging.rules.tar.gz"; $pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5"; @@ -64,31 +64,23 @@ $snortdownload = $config['installedpackages']['snortglobal']['snortdownload']; $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats']; if ($snortdownload == 'off' && $emergingthreats != 'on') -{ $snort_emrging_info = 'stop'; -} if ($oinkid == "" && $snortdownload != 'off') -{ $snort_oinkid_info = 'stop'; -} - /* check if main rule directory is empty */ $if_mrule_dir = "/usr/local/etc/snort/rules"; $mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full'; - -if (file_exists('/var/run/snort.conf.dirty')) { +if (file_exists('/var/run/snort.conf.dirty')) $snort_dirty_d = 'stop'; -} /* Start of code */ conf_mount_rw(); -if (!is_dir('/usr/local/etc/snort/tmp')) { +if (!is_dir('/usr/local/etc/snort/tmp')) exec('/bin/mkdir -p /usr/local/etc/snort/tmp'); -} $snort_md5_check_ok = 'off'; $emerg_md5_check_ok = 'off'; diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php index 1056c337..238a61d8 100644 --- a/config/snort/snort_download_rules.php +++ b/config/snort/snort_download_rules.php @@ -29,27 +29,26 @@ */ /* Setup enviroment */ - -/* TODO: review if include files are needed */ require_once("guiconfig.inc"); require_once("functions.inc"); require_once("service-utils.inc"); require_once("/usr/local/pkg/snort/snort.inc"); +if ($_GET['return']) { + header("Location: /snort/snort_download_updates.php"); + exit; +} + $tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up"; $snortdir = "/usr/local/etc/snort"; $snortdir_wan = "/usr/local/etc/snort"; -$snort_filename_md5 = "snortrules-snapshot-2905.tar.gz.md5"; -$snort_filename = "snortrules-snapshot-2905.tar.gz"; +$snort_filename_md5 = "{$snort_rules_file}.md5"; +$snort_filename = "{$snort_rules_file}"; $emergingthreats_filename_md5 = "emerging.rules.tar.gz.md5"; $emergingthreats_filename = "emerging.rules.tar.gz"; $pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5"; $pfsense_rules_filename = "pfsense_rules.tar.gz"; -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - /* Time stamps define */ $last_md5_download = $config['installedpackages']['snortglobal']['last_md5_download']; $last_rules_install = $config['installedpackages']['snortglobal']['last_rules_install']; @@ -60,29 +59,21 @@ $snortdownload = $config['installedpackages']['snortglobal']['snortdownload']; $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats']; if ($snortdownload == 'off' && $emergingthreats != 'on') -{ $snort_emrging_info = 'stop'; -} if ($oinkid == "" && $snortdownload != 'off') -{ $snort_oinkid_info = 'stop'; -} - /* check if main rule directory is empty */ $if_mrule_dir = "/usr/local/etc/snort/rules"; $mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full'; - -if (file_exists('/var/run/snort.conf.dirty')) { +if (file_exists('/var/run/snort.conf.dirty')) $snort_dirty_d = 'stop'; -} $pgtitle = "Services: Snort: Update Rules"; include("head.inc"); - ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> @@ -90,7 +81,7 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> -<form action="/snort/snort_testing.php" method="post"> +<form action="/snort/snort_download_updates.php" method="GET"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td> @@ -121,10 +112,9 @@ include("head.inc"); </div> </td> </tr> -<tr><td><a href="/snort/snort_download_updates.php"><input type="button" Value="Return"></a></td></tr> +<tr><td><input type="submit" Value="Return"></td></tr> </table> </form> - <?php include("fend.inc");?> </body> </html> @@ -133,9 +123,8 @@ include("head.inc"); /* Start of code */ conf_mount_rw(); -if (!is_dir('/usr/local/etc/snort/tmp')) { +if (!is_dir('/usr/local/etc/snort/tmp')) exec('/bin/mkdir -p /usr/local/etc/snort/tmp'); -} $snort_md5_check_ok = 'off'; $emerg_md5_check_ok = 'off'; diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php index ebde5729..e902cd64 100644 --- a/config/snort/snort_download_updates.php +++ b/config/snort/snort_download_updates.php @@ -44,26 +44,17 @@ $snort_load_jquery_colorbox = 'yes'; /* quick md5s chk */ -if(file_exists('/usr/local/etc/snort/snortrules-snapshot-2905.tar.gz.md5')) -{ - $snort_org_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/snortrules-snapshot-2905.tar.gz.md5'); -}else{ - $snort_org_sig_chk_local = 'N/A'; -} +$snort_org_sig_chk_local = 'N/A'; +if (file_exists("/usr/local/etc/snort/{$snort_rules_file}.md5")) + $snort_org_sig_chk_local = exec("/bin/cat /usr/local/etc/snort/{$snort_rules_file}.md5"); +$emergingt_net_sig_chk_local = 'N/A'; if(file_exists('/usr/local/etc/snort/emerging.rules.tar.gz.md5')) -{ $emergingt_net_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/emerging.rules.tar.gz.md5'); -}else{ - $emergingt_net_sig_chk_local = 'N/A'; -} +$pfsense_org_sig_chk_local = 'N/A'; if(file_exists('/usr/local/etc/snort/pfsense_rules.tar.gz.md5')) -{ $pfsense_org_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/pfsense_rules.tar.gz.md5'); -}else{ - $pfsense_org_sig_chk_local = 'N/A'; -} /* define checks */ $oinkid = $config['installedpackages']['snortglobal']['oinkmastercode']; @@ -71,31 +62,22 @@ $snortdownload = $config['installedpackages']['snortglobal']['snortdownload']; $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats']; if ($snortdownload != 'on' && $emergingthreats != 'on') -{ $snort_emrging_info = 'stop'; -} if ($oinkid == '' && $snortdownload != 'off') -{ $snort_oinkid_info = 'stop'; -} -if ($snort_emrging_info == 'stop' || $snort_oinkid_info == 'stop') { +if ($snort_emrging_info == 'stop' || $snort_oinkid_info == 'stop') $error_stop = 'true'; -} - /* check if main rule directory is empty */ $if_mrule_dir = "/usr/local/etc/snort/rules"; $mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full'; /* check for logfile */ -if(file_exists('/usr/local/etc/snort/snort_update.log')) -{ +$update_logfile_chk = 'no'; +if (file_exists('/usr/local/etc/snort/snort_update.log')) $update_logfile_chk = 'yes'; -}else{ - $update_logfile_chk = 'no'; -} header("snort_help_info.php"); header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" ); |