aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2011-09-04 15:57:12 +0000
committerErmal <eri@pfsense.org>2011-09-04 15:57:12 +0000
commit26adf4e5b503ef318ad9111606732f50c77b0342 (patch)
tree05efc533b3040025c5c2a9cee58707b792e01cae /config/snort
parentc475e3893adb4052e11fbe6e2d03000807254497 (diff)
downloadpfsense-packages-26adf4e5b503ef318ad9111606732f50c77b0342.tar.gz
pfsense-packages-26adf4e5b503ef318ad9111606732f50c77b0342.tar.bz2
pfsense-packages-26adf4e5b503ef318ad9111606732f50c77b0342.zip
Correct freebsd version for the folder whre the snort rules are contained and add support for 64bit precompiled rules since they are present.
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_check_for_rule_updates.php15
-rw-r--r--config/snort/snort_download_rules.php18
2 files changed, 20 insertions, 13 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 0441a26a..1731eb87 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -342,7 +342,7 @@ if ($snortdownload == 'on')
if ($pfsense_stable == 'yes')
$freebsd_version_so = 'FreeBSD-7-2';
else
- $freebsd_version_so = 'FreeBSD-8-2';
+ $freebsd_version_so = 'FreeBSD-8-1';
update_status(gettext("Extracting Snort.org rules..."));
update_output_window(gettext("May take a while..."));
@@ -354,14 +354,17 @@ if ($snortdownload == 'on')
sleep(2);
exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
- /* extract so rules on for x86 for now */
- /* TODO: ask snort.org to build x64 version of so rules for Freebsd 8.1 Sept 05,2010 */
+ /* extract so rules */
+ exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
if($snort_arch == 'x86'){
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/");
- exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/* /usr/local/lib/snort/dynamicrules/");
- /* extract so rules none bin and rename */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
+ } else if ($snort_arch == 'x64') {
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/");
+ exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/* /usr/local/lib/snort/dynamicrules/");
+ }
+ /* extract so rules none bin and rename */
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
" so_rules/chat.rules/" .
" so_rules/dos.rules/" .
" so_rules/exploit.rules/" .
diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php
index 7ab33159..6671b5b2 100644
--- a/config/snort/snort_download_rules.php
+++ b/config/snort/snort_download_rules.php
@@ -404,7 +404,7 @@ if ($snortdownload == 'on')
{
$freebsd_version_so = 'FreeBSD-7-2';
}else{
- $freebsd_version_so = 'FreeBSD-8-0';
+ $freebsd_version_so = 'FreeBSD-8-1';
}
update_status(gettext("Extracting Snort.org rules..."));
@@ -417,14 +417,18 @@ if ($snortdownload == 'on')
sleep(2);
exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
- /* extract so rules on for x86 for now */
- /* TODO: ask snort.org to build x64 version of so rules for Freebsd 8.1 Sept 05,2010 */
- if($snort_arch == 'x86'){
+ /* extract so rules */
+ exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
+ if($snort_arch == 'x86') {
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/");
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/");
- exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/* /usr/local/lib/snort/dynamicrules/");
- /* extract so rules none bin and rename */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
+ } else if ($snort_arch == 'x64') {
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/");
+ exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/* /usr/local/lib/snort/dynamicrules/");
+ }
+ /* extract so rules none bin and rename */
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
" so_rules/chat.rules/" .
" so_rules/dos.rules/" .
" so_rules/exploit.rules/" .