diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2006-09-27 21:17:41 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2006-09-27 21:17:41 +0000 |
commit | a3c3825be09282dc5a0c310c09ea5a8e40c9e9ce (patch) | |
tree | 855b0e0d6f4c539fee76529f803777ed375bccc1 /packages/snort | |
parent | b4ec579d09c91d8279ed970ad00da3a37e96cded (diff) | |
download | pfsense-packages-a3c3825be09282dc5a0c310c09ea5a8e40c9e9ce.tar.gz pfsense-packages-a3c3825be09282dc5a0c310c09ea5a8e40c9e9ce.tar.bz2 pfsense-packages-a3c3825be09282dc5a0c310c09ea5a8e40c9e9ce.zip |
* Ensure that only one snort2c is running
* Ignore items in the whitelist from port scanning
Diffstat (limited to 'packages/snort')
-rw-r--r-- | packages/snort/snort.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc index a206b19f..1733cf82 100644 --- a/packages/snort/snort.inc +++ b/packages/snort/snort.inc @@ -71,7 +71,7 @@ function sync_package_snort() { /* if block offenders is checked, start snort2c */ if($_POST['blockoffenders']) - $start .= ";sleep 1;snort2c -w /var/db/whitelist -a /var/log/snort/alert"; + $start .= "/usr/bin/killall snort2c; sleep 1; snort2c -w /var/db/whitelist -a /var/log/snort/alert"; write_rcfile(array( "file" => "snort.sh", @@ -286,6 +286,7 @@ preprocessor flow-portscan: \ scoreboard-rows-scanner 30000 \ alert-mode once \ output-mode msg \ + portscan-ignorehosts: $HOME_NET \ tcp-penalties on |