authorErmal <eri@pfsense.org>2012-07-22 13:27:55 +0000
committerErmal <eri@pfsense.org>2012-07-22 13:27:55 +0000
commit43a1843df119d61e23a2026f3f7723461c83b043 (patch)
tree01c0ac34764454eaf03b93576ccab98a89300717 /config/snort
parent8e58e615bd87e1f5486f3342909be1d58adedc3e (diff)
Extract emerging threats before snort and copy even ip lists into rules file
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_check_for_rule_updates.php72
1 files changed, 42 insertions, 30 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 89039f9f..112682d2 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -164,6 +164,42 @@ $sedcmd .= "s/^\\talert/alert/g\n";
$sedcmd .= "s/^[ \\t]*alert/alert/g\n";
@file_put_contents("{$snortdir}/tmp/sedcmd", $sedcmd);
+/* Untar emergingthreats rules to tmp */
+if ($emergingthreats == 'on') {
+ safe_mkdir("{$snortdir}/tmp/emerging");
+ if (file_exists("{$tmpfname}/{$emergingthreats_filename}")) {
+ update_status(gettext("Extracting rules..."));
+ exec("/usr/bin/tar xzf {$tmpfname}/{$emergingthreats_filename} -C {$snortdir}/tmp/emerging rules/");
+
+ $files = glob("{$snortdir}/tmp/emerging/rules/*.rules");
+ foreach ($files as $file) {
+ $newfile = basename($file);
+ @copy($file, "{$snortdir}/rules/{$newfile}");
+ }
+ /* IP lists */
+ $files = glob("{$snortdir}/tmp/emerging/rules/*.txt");
+ foreach ($files as $file) {
+ $newfile = basename($file);
+ @copy($file, "{$snortdir}/rules/{$newfile}");
+ }
+ if ($snortdownload == 'off') {
+ foreach (array("classification.config", "reference.config", "sid-msg.map", "unicode.map") as $file) {
+ if (file_exists("{$snortdir}/tmp/emerging/rules/{$file}"))
+ @copy("{$snortdir}/tmp/emerging/rules/{$file}", "{$snortdir}/{$file}");
+ }
+ }
+
+ /* make shure default rules are in the right format */
+ exec("/usr/bin/sed -I '' -f {$snortdir}/tmp/sedcmd {$snortdir}/rules/emerging*.rules");
+
+ /* Copy emergingthreats md5 sig to snort dir */
+ if (file_exists("{$tmpfname}/$emergingthreats_filename_md5")) {
+ update_status(gettext("Copying md5 sig to snort directory..."));
+ @copy("{$tmpfname}/$emergingthreats_filename_md5", "{$snortdir}/$emergingthreats_filename_md5");
+ }
+ }
+}
+
/* Untar snort rules file individually to help people with low system specs */
if ($snortdownload == 'on') {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
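Review bot: The exit status of the `tar` call in the added Emerging Threats block is never checked and every `@copy` hides its own failure, so a truncated or corrupt archive still falls through to the md5 copy at the end of the block. If that stored md5 is what later decides whether an update is needed (not visible in this hunk), the system would keep stale or partial rules while treating them as current. Capture the status and skip the copy steps on failure, and quote the interpolated paths while there: `exec("/usr/bin/tar xzf " . escapeshellarg("{$tmpfname}/{$emergingthreats_filename}") . " -C " . escapeshellarg("{$snortdir}/tmp/emerging") . " rules/", $out, $rc);` followed by `if ($rc != 0) { update_status(gettext("Emerging Threats extraction failed")); }`. Nothing in this hunk shows the archive being compared against its md5 before it is unpacked, so it is worth confirming that this happens earlier in the file.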
@@ -181,6 +217,12 @@ if ($snortdownload == 'on') {
$newfile = basename($file);
@copy($file, "{$snortdir}/rules/snort_{$newfile}");
}
+ /* IP lists */
+ $files = glob("{$snortdir}/tmp/snortrules/rules/*.txt");
+ foreach ($files as $file) {
+ $newfile = basename($file);
+ @copy($file, "{$snortdir}/rules/{$newfile}");
+ }
exec("rm -r {$snortdir}/tmp/snortrules");
/* extract so rules */
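Review bot: The IP-list copy added here writes to `{$snortdir}/rules/{$newfile}` with no prefix, while the `.rules` copy just above it uses `snort_{$newfile}`, and the Emerging Threats block now copies its own `*.txt` files into the same directory earlier in the run. A list with the same basename in both archives would be silently replaced by the Snort copy, and the `@` on `copy` hides a failed write as well. If that precedence is intended, state it in the comment, e.g. `/* IP lists: a same-named file from emerging is overwritten by the snort copy */`; giving the files a prefix instead would require checking the rules that reference those lists by name. The enclosing `if ($snortdownload == 'on')` block starts and ends outside this hunk.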
@@ -245,36 +287,6 @@ if ($snortdownload == 'on') {
}
}
-/* Untar emergingthreats rules to tmp */
-if ($emergingthreats == 'on') {
- safe_mkdir("{$snortdir}/tmp/emerging");
- if (file_exists("{$tmpfname}/{$emergingthreats_filename}")) {
- update_status(gettext("Extracting rules..."));
- exec("/usr/bin/tar xzf {$tmpfname}/{$emergingthreats_filename} -C {$snortdir}/tmp/emerging rules/");
-
- $files = glob("{$snortdir}/tmp/emerging/rules/*.rules");
- foreach ($files as $file) {
- $newfile = basename($file);
- @copy($file, "{$snortdir}/rules/{$newfile}");
- }
- if ($snortdownload == 'off') {
- foreach (array("classification.config", "reference.config", "sid-msg.map", "unicode.map") as $file) {
- if (file_exists("{$snortdir}/tmp/emerging/rules/{$file}"))
- @copy("{$snortdir}/tmp/emerging/rules/{$file}", "{$snortdir}/{$file}");
- }
- }
-
- /* make shure default rules are in the right format */
- exec("/usr/bin/sed -I '' -f {$snortdir}/tmp/sedcmd {$snortdir}/rules/emerging*.rules");
-
- /* Copy emergingthreats md5 sig to snort dir */
- if (file_exists("{$tmpfname}/$emergingthreats_filename_md5")) {
- update_status(gettext("Copying md5 sig to snort directory..."));
- @copy("{$tmpfname}/$emergingthreats_filename_md5", "{$snortdir}/$emergingthreats_filename_md5");
- }
- }
-}
-
/* remove old $tmpfname files */
if (is_dir("{$snortdir}/tmp")) {
update_status(gettext("Cleaning up..."));