aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/snort/bin/7.2.x86/barnyard2bin715041 -> 0 bytes
-rw-r--r--config/snort/bin/7.3.x86/barnyard2bin0 -> 862409 bytes
-rwxr-xr-xconfig/snort/bin/8.0.x86/barnyard2bin849388 -> 0 bytes
-rw-r--r--config/snort/bin/8.0.x86/md5_files9
-rw-r--r--config/snort/bin/8.0.x86/md5_files~9
-rw-r--r--config/snort/bin/8.1x64/barnyard2bin0 -> 984834 bytes
-rw-r--r--config/snort/bin/8.1x86/barnyard2bin0 -> 849805 bytes
-rw-r--r--config/snort/snort.inc25
-rw-r--r--config/snort/snort_download_rules.php8
-rwxr-xr-xpkg_config.7.xml12
-rwxr-xr-xpkg_config.8.xml12
-rwxr-xr-xpkg_config.8.xml.amd649
12 files changed, 45 insertions, 39 deletions
diff --git a/config/snort/bin/7.2.x86/barnyard2 b/config/snort/bin/7.2.x86/barnyard2
deleted file mode 100644
index 9266051c..00000000
--- a/config/snort/bin/7.2.x86/barnyard2
+++ /dev/null
Binary files differ
diff --git a/config/snort/bin/7.3.x86/barnyard2 b/config/snort/bin/7.3.x86/barnyard2
new file mode 100644
index 00000000..df78449d
--- /dev/null
+++ b/config/snort/bin/7.3.x86/barnyard2
Binary files differ
diff --git a/config/snort/bin/8.0.x86/barnyard2 b/config/snort/bin/8.0.x86/barnyard2
deleted file mode 100755
index 43476338..00000000
--- a/config/snort/bin/8.0.x86/barnyard2
+++ /dev/null
Binary files differ
diff --git a/config/snort/bin/8.0.x86/md5_files b/config/snort/bin/8.0.x86/md5_files
deleted file mode 100644
index 3b283d80..00000000
--- a/config/snort/bin/8.0.x86/md5_files
+++ /dev/null
@@ -1,9 +0,0 @@
-#For Freebsd 8.0
-
-
-MD5 (pcre-8.00.tbz) = 8a1ac82500efccefc6418856e27b6cc1
-MD5 (snort-2.8.5.3.tbz) = 826c15872c6d19bcbe2408fb34d165b9
-MD5 (perl-5.10.1.tbz) = f71020a8bd0f197c9bf70eb6d03b92af
-MD5 (mysql-client-5.1.45.tbz) = 9cb5878ae922c3d4d0e31efe5712a90a
-MD5 (barnyard2) = 4dbff13291a2b8c5018b7ab62f574bc8
-
diff --git a/config/snort/bin/8.0.x86/md5_files~ b/config/snort/bin/8.0.x86/md5_files~
deleted file mode 100644
index 3b283d80..00000000
--- a/config/snort/bin/8.0.x86/md5_files~
+++ /dev/null
@@ -1,9 +0,0 @@
-#For Freebsd 8.0
-
-
-MD5 (pcre-8.00.tbz) = 8a1ac82500efccefc6418856e27b6cc1
-MD5 (snort-2.8.5.3.tbz) = 826c15872c6d19bcbe2408fb34d165b9
-MD5 (perl-5.10.1.tbz) = f71020a8bd0f197c9bf70eb6d03b92af
-MD5 (mysql-client-5.1.45.tbz) = 9cb5878ae922c3d4d0e31efe5712a90a
-MD5 (barnyard2) = 4dbff13291a2b8c5018b7ab62f574bc8
-
diff --git a/config/snort/bin/8.1x64/barnyard2 b/config/snort/bin/8.1x64/barnyard2
new file mode 100644
index 00000000..3416c814
--- /dev/null
+++ b/config/snort/bin/8.1x64/barnyard2
Binary files differ
diff --git a/config/snort/bin/8.1x86/barnyard2 b/config/snort/bin/8.1x86/barnyard2
new file mode 100644
index 00000000..07e1069f
--- /dev/null
+++ b/config/snort/bin/8.1x86/barnyard2
Binary files differ
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 55f6c045..2f90f385 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -37,7 +37,7 @@ require_once("functions.inc");
require_once("filter.inc");
/* package version */
-$snort_package_version = 'Snort 2.8.6 pkg v. 1.33';
+$snort_package_version = 'Snort 2.8.6.1 pkg v. 1.33';
/* find out if were in 1.2.3-RELEASE */
$pfsense_ver_chk = exec('/bin/cat /etc/version');
@@ -48,6 +48,18 @@ if ($pfsense_ver_chk == '1.2.3-RELEASE')
$pfsense_stable = 'no';
}
+/* find out what arch where in x86 , x64 */
+/* TODO: should be more clear in this code */
+if ($pfsense_stable == 'no') {
+ $snort_arch_ck = '';
+ exec('uname -m', $snort_arch_ck);
+ if($snort_arch_ck[0] == 'i386') {
+ $snort_arch = 'x86';
+ }else{
+ $snort_arch = 'x64';
+ }
+}
+
/* tell me my theme */
$pfsense_theme_is = $config['theme'];
@@ -627,13 +639,18 @@ function snort_postinstall()
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/sortableTable.js');
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/row_helper.js');
- /* install barnyard2 for 2.0 and 1.2.3 */
+ /* install barnyard2 for 2.0 x86 x64 and 1.2.3 x86 */
chdir ("/usr/local/bin/");
if ($pfsense_stable == 'yes') {
- exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/7.2.x86/barnyard2');
+ exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/7.3.x86/barnyard2');
}else{
- exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/8.0.x86/barnyard2');
+ if ($snort_arch == 'x86') {
+ exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/8.1x86/barnyard2');
+ }else{
+ exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/8.1x64/barnyard2');
+ }
}
+
exec('/bin/chmod 755 /usr/local/bin/barnyard2');
/* back to default */
diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php
index 646f45f1..bb71e049 100644
--- a/config/snort/snort_download_rules.php
+++ b/config/snort/snort_download_rules.php
@@ -39,8 +39,8 @@ require_once("/usr/local/pkg/snort/snort.inc");
$tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up";
$snortdir = "/usr/local/etc/snort";
$snortdir_wan = "/usr/local/etc/snort";
-$snort_filename_md5 = "snortrules-snapshot-2860.tar.gz.md5";
-$snort_filename = "snortrules-snapshot-2860.tar.gz";
+$snort_filename_md5 = "snortrules-snapshot-2861.tar.gz.md5";
+$snort_filename = "snortrules-snapshot-2861.tar.gz";
$emergingthreats_filename_md5 = "version.txt";
$emergingthreats_filename = "emerging.rules.tar.gz";
$pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5";
@@ -527,9 +527,9 @@ if ($snortdownload == 'on')
sleep(2);
exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
/* extract so rules */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/");
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.1/");
exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
- exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/* /usr/local/lib/snort/dynamicrules/");
+ exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.1/* /usr/local/lib/snort/dynamicrules/");
/* extract so rules none bin and rename */
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
" so_rules/chat.rules/" .
diff --git a/pkg_config.7.xml b/pkg_config.7.xml
index fa97085b..2a7b94a8 100755
--- a/pkg_config.7.xml
+++ b/pkg_config.7.xml
@@ -404,13 +404,13 @@
<website>http://www.snort.org</website>
<descr>Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr>
<category>Security</category>
- <depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/7.2.x86/</depends_on_package_base_url>
- <depends_on_package>pcre-8.02.tbz</depends_on_package>
- <depends_on_package>perl-5.10.1.tbz</depends_on_package>
- <depends_on_package>mysql-client-5.1.44_1.tbz</depends_on_package>
- <depends_on_package>snort-2.8.6_1.tbz</depends_on_package>
+ <depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/7.3.x86/</depends_on_package_base_url>
+ <depends_on_package>pcre-8.10.tbz</depends_on_package>
+ <depends_on_package>perl-threaded-5.12.1_1.tbz</depends_on_package>
+ <depends_on_package>mysql-client-5.1.50_1.tbz</depends_on_package>
+ <depends_on_package>snort-2.8.6.1.tbz</depends_on_package>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.8.6 pkg v. 1.33</version>
+ <version>2.8.6.1 pkg v. 1.33</version>
<required_version>1.2.3</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 5948c5fd..e17e221b 100755
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -290,17 +290,17 @@
<website>http://www.snort.org</website>
<descr>Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr>
<category>Security</category>
- <depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/8.0.x86/</depends_on_package_base_url>
- <depends_on_package>pcre-8.02.tbz</depends_on_package>
- <depends_on_package>perl-5.10.1.tbz</depends_on_package>
- <depends_on_package>mysql-client-5.1.45.tbz</depends_on_package>
- <depends_on_package>snort-2.8.6_1.tbz</depends_on_package>
+ <depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/8.1x86/</depends_on_package_base_url>
+ <depends_on_package>pcre-8.10.tbz</depends_on_package>
+ <depends_on_package>perl-threaded-5.12.1_1.tbz</depends_on_package>
+ <depends_on_package>mysql-client-5.1.50_1.tbz</depends_on_package>
+ <depends_on_package>snort-2.8.6.1.tbz</depends_on_package>
<build_port_path>/usr/ports/devel/pcre</build_port_path>
<build_port_path>/usr/ports/lang/perl5.10</build_port_path>
<build_port_path>/usr/ports/databases/mysql51-client</build_port_path>
<build_port_path>/usr/ports/security/snort</build_port_path>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.8.6 pkg v. 1.33</version>
+ <version>2.8.6.1 pkg v. 1.33</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 3860feee..04283874 100755
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -307,10 +307,17 @@
<website>http://www.snort.org</website>
<descr>Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr>
<category>Security</category>
+<<<<<<< HEAD
<depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/8.0.x86/</depends_on_package_base_url>
<depends_on_package>pcre-8.02.tbz</depends_on_package>
<depends_on_package>perl-5.10.1_2.tbz</depends_on_package>
<depends_on_package>mysql-client-5.0.90.tbz</depends_on_package>
+=======
+ <depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/8.1x64/</depends_on_package_base_url>
+ <depends_on_package>pcre-8.10.tbz</depends_on_package>
+ <depends_on_package>perl-threaded-5.12.1_1.tbz</depends_on_package>
+ <depends_on_package>mysql-client-5.1.50_1.tbz</depends_on_package>
+>>>>>>> snort, update binaries for 1.2.3 x86, 2.0 x86, x64, update rule files to match.
<depends_on_package>snort-2.8.6.1.tbz</depends_on_package>
<build_port_path>/usr/ports/devel/pcre</build_port_path>
<build_port_path>/usr/ports/lang/perl5.10</build_port_path>
@@ -318,7 +325,7 @@
<build_port_path>/usr/ports/security/snort</build_port_path>
<build_options>WITHOUT_DEBUGGING=true WITHOUT_GDBM=true WITHOUT_PERL_MALLOC=true WITH_PERL_64BITINT=true WITHOUT_THREADS=true WITHOUT_MULTIPLICITY=true WITHOUT_SUIDPERL=true WITHOUT_SITECUSTOMIZE=true WITH_USE_PERL=true</build_options>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.8.6 pkg v. 1.31</version>
+ <version>2.8.6.1 pkg v. 1.33</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>