diff options
| -rw-r--r-- | config/snort-dev/NOTES.txt | 2 | ||||
| -rw-r--r-- | config/snort-dev/snort.inc | 8 | ||||
| -rw-r--r-- | config/snort-dev/snort.xml | 9 |
3 files changed, 13 insertions, 6 deletions
diff --git a/config/snort-dev/NOTES.txt b/config/snort-dev/NOTES.txt index f491b45c..fa3eb844 100644 --- a/config/snort-dev/NOTES.txt +++ b/config/snort-dev/NOTES.txt @@ -18,8 +18,6 @@ Move the Snort GUI to base of Pfsense. The divert options should be added to fir Ask Ermal to add divert out to Pfsense again though, he has kept divert in. - - ================================= Any Devs that would like to help please work on snort_rules_edit.php and snort_rules.php. They work but need cleaning up. ================================= diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc index 2703232f..76754ee4 100644 --- a/config/snort-dev/snort.inc +++ b/config/snort-dev/snort.inc @@ -121,6 +121,8 @@ function sync_package_snort() // if($bpfmaxinsns) // mwexec_bg("sysctl net.bpf.maxinsns={$bpfmaxinsns}"); +/* do not start config build if rules is empty */ +if (!empty($config['installedpackages']['snortglobal']['rule'])) { if ($id == "") { $rule_array = $config['installedpackages']['snortglobal']['rule']; @@ -158,7 +160,8 @@ if ($snortbarnyardlog_info_chk == on) if ($snortbarnyardlog_info_chk == on) create_barnyard2_conf(); -} + } +} conf_mount_ro(); @@ -1126,12 +1129,13 @@ function snort_rules_up_install_cron($should_install) { $home_net .= "127.0.0.1 "; /* iterate all vips and add to whitelist */ + if($config['virtualip']) foreach($config['virtualip']['vip'] as $vip) if($vip['subnet']) $home_net .= $vip['subnet'] . " "; - if($config['installedpackages']['snortglobal']) + if($config['installedpackages']['snortglobal']['whitelist']) foreach($config['installedpackages']['snortglobal']['whitelist'] as $snort) if($snort['ip']) $home_net .= $snort['ip'] . " "; diff --git a/config/snort-dev/snort.xml b/config/snort-dev/snort.xml index 8f9a8400..99b9b77e 100644 --- a/config/snort-dev/snort.xml +++ b/config/snort-dev/snort.xml @@ -59,7 +59,7 @@ <name>snort</name> <rcfile>snort.sh</rcfile> <executable>snort</executable> - <description>Snort is the most widely deployed IDS/IPS technology worldwide..</description> + <description>Snort is the most widely deployed IDS/IPS technology worldwide.</description> </service> <tabs> </tabs> @@ -74,7 +74,7 @@ <item>http://www.pfsense.com/packages/config/snort-dev/snort_gui.inc</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/snort/</prefix> + <prefix>/usr/local/pkg/pf/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort-dev/snort_dynamic_ip_reload.php</item> </additional_files_needed> @@ -126,6 +126,11 @@ <additional_files_needed> <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-dev/style.css</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort-dev/snort_interfaces.php</item> </additional_files_needed> <additional_files_needed> |