aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@gmail.com>2011-12-05 13:56:47 -0800
committerScott Ullrich <sullrich@gmail.com>2011-12-05 13:56:47 -0800
commit36b1c7fed9681d40b64d433591dd7717d21ebcf5 (patch)
tree419199f4193e7005d3d5ae0696d2170a84cc50d2 /config
parente35aa3111520afb6d020816d09992bd66469839a (diff)
parent2fbc6884d4aa24eeea690b2afeb2e182feeabc8e (diff)
downloadpfsense-packages-36b1c7fed9681d40b64d433591dd7717d21ebcf5.tar.gz
pfsense-packages-36b1c7fed9681d40b64d433591dd7717d21ebcf5.tar.bz2
pfsense-packages-36b1c7fed9681d40b64d433591dd7717d21ebcf5.zip
Merge pull request #117 from mdima/master
Fix for http://redmine.pfsense.org/issues/2033
Diffstat (limited to 'config')
-rw-r--r--config/snort/snort.inc16
-rw-r--r--config/snort/snort_define_servers.php20
-rw-r--r--config/snort/snort_interfaces_edit.php4
3 files changed, 40 insertions, 0 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 0e624c7f..36f58760 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -1581,6 +1581,20 @@ function generate_snort_conf($id, $if_real, $snort_uuid)
$def_sip_proxy_ports_type = "5060:5090,16384:32768";
else
$def_sip_proxy_ports_type = "$def_sip_proxy_ports_info_chk";
+
+ /* def SIP_IP */
+ $def_sip_ip_info_chk = $snortcfg['def_sip_ip'];
+ if ($def_sip_ip_info_chk == "")
+ $def_sip_ip_type = "\$HOME_NET";
+ else
+ $def_sip_ip_type = "$def_sip_ip_info_chk";
+
+ /* def SIP_PORTS */
+ $def_sip_ports_info_chk = $snortcfg['def_sip_ports'];
+ if ($def_sip_ports_info_chk == "")
+ $def_sip_ports_type = "5060:5090,16384:32768";
+ else
+ $def_sip_ports_type = "$def_sip_ports_info_chk";
/* def AUTH_PORTS */
$def_auth_ports_info_chk = $snortcfg['def_auth_ports'];
@@ -1964,6 +1978,7 @@ var IMAP_SERVERS [{$def_imap_servers_type}]
var RPC_SERVERS \$HOME_NET
var WWW_SERVERS [{$def_www_servers_type}]
var SIP_PROXY_IP [{$def_sip_proxy_ip_type}]
+var SIP_IP [{$def_sip_ip_type}]
var AIM_SERVERS \
[64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24]
@@ -1997,6 +2012,7 @@ portvar TELNET_PORTS [{$def_telnet_ports_type}]
portvar MAIL_PORTS [{$def_mail_ports_type}]
portvar SSL_PORTS [{$def_ssl_ports_type}]
portvar SIP_PROXY_PORTS [{$def_sip_proxy_ports_type}]
+portvar SIP_PORTS [{$def_sip_ports_type}]
# DCERPC NCACN-IP-TCP
portvar DCERPC_NCACN_IP_TCP [139,445]
diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php
index e3238ef7..45264995 100644
--- a/config/snort/snort_define_servers.php
+++ b/config/snort/snort_define_servers.php
@@ -88,6 +88,8 @@ if (isset($id) && $a_nat[$id]) {
$pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers'];
$pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports'];
$pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip'];
+ $pconfig['def_sip_servers_ip'] = $a_nat[$id]['def_sip_servers_ip'];
+ $pconfig['def_sip_ports'] = $a_nat[$id]['def_sip_ports'];
$pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports'];
$pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports'];
$pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports'];
@@ -139,6 +141,8 @@ if ($_POST) {
if ($_POST['def_imap_ports'] != "") { $natent['def_imap_ports'] = $_POST['def_imap_ports']; }else{ $natent['def_imap_ports'] = ""; }
if ($_POST['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $_POST['def_sip_proxy_ip']; }else{ $natent['def_sip_proxy_ip'] = ""; }
if ($_POST['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $_POST['def_sip_proxy_ports']; }else{ $natent['def_sip_proxy_ports'] = ""; }
+ if ($_POST['def_sip_ip'] != "") { $natent['def_sip_ip'] = $_POST['def_sip_ip']; }else{ $natent['def_sip_ip'] = ""; }
+ if ($_POST['def_sip_ports'] != "") { $natent['def_sip_ports'] = $_POST['def_sip_ports']; }else{ $natent['def_sip_ports'] = ""; }
if ($_POST['def_auth_ports'] != "") { $natent['def_auth_ports'] = $_POST['def_auth_ports']; }else{ $natent['def_auth_ports'] = ""; }
if ($_POST['def_finger_ports'] != "") { $natent['def_finger_ports'] = $_POST['def_finger_ports']; }else{ $natent['def_finger_ports'] = ""; }
if ($_POST['def_irc_ports'] != "") { $natent['def_irc_ports'] = $_POST['def_irc_ports']; }else{ $natent['def_irc_ports'] = ""; }
@@ -442,8 +446,24 @@ echo "{$snort_general_css}\n";
value="<?=htmlspecialchars($pconfig['def_sip_proxy_ports']);?>"> <br>
<span class="vexpl">Example: Specific ports "25,443" or All ports
betwen "5060:5090 . Default is 5060:5090,16384:32768.</span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell2">Define SIP_SERVERS</td>
+ <td width="78%" class="vtable"><input name="def_sip_ip"
+ type="text" class="formfld" id="def_sip_ip" size="40"
+ value="<?=htmlspecialchars($pconfig['def_sip_ip']);?>"> <br>
+ <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
+ blank to scan all networks.</span></td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell2">Define SIP_PORTS</td>
+ <td width="78%" class="vtable"><input name="def_sip_ports"
+ type="text" class="formfld" id="def_sip_ports" size="40"
+ value="<?=htmlspecialchars($pconfig['def_sip_ports']);?>"> <br>
+ <span class="vexpl">Example: Specific ports "25,443" or All ports
+ betwen "5060:5090 . Default is 5060:5090,16384:32768.</span></td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell2">Define AUTH_PORTS</td>
<td width="78%" class="vtable"><input name="def_auth_ports"
type="text" class="formfld" id="def_auth_ports" size="40"
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index b1a091e7..a0e912cd 100644
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -111,6 +111,8 @@ if (isset($id) && $a_nat[$id]) {
$pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers'];
$pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports'];
$pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip'];
+ $pconfig['def_sip_servers_ip'] = $a_nat[$id]['def_sip_servers_ip'];
+ $pconfig['def_sip_ports'] = $a_nat[$id]['def_sip_ports'];
$pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports'];
$pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports'];
$pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports'];
@@ -253,6 +255,8 @@ if (isset($_GET['dup']))
if ($pconfig['def_imap_servers'] != "") { $natent['def_imap_servers'] = $pconfig['def_imap_servers']; }
if ($pconfig['def_imap_ports'] != "") { $natent['def_imap_ports'] = $pconfig['def_imap_ports']; }
if ($pconfig['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $pconfig['def_sip_proxy_ip']; }
+ if ($pconfig['def_sip_ip'] != "") { $natent['def_sip_ip'] = $pconfig['def_sip_ip']; }else{ $natent['def_sip_ip'] = ""; }
+ if ($pconfig['def_sip_ports'] != "") { $natent['def_sip_ports'] = $pconfig['def_sip_ports']; }else{ $natent['def_sip_ports'] = ""; }
if ($pconfig['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $pconfig['def_sip_proxy_ports']; }
if ($pconfig['def_auth_ports'] != "") { $natent['def_auth_ports'] = $pconfig['def_auth_ports']; }
if ($pconfig['def_finger_ports'] != "") { $natent['def_finger_ports'] = $pconfig['def_finger_ports']; }