-rwxr-xr-x | config/snort/snort.inc | 21 | ||||
-rwxr-xr-x | config/snort/snort_check_for_rule_updates.php | 11 | ||||
-rwxr-xr-x | config/snort/snort_rules.php | 2 | ||||
-rwxr-xr-x | config/snort/snort_rulesets.php | 4 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 39 |
5 files changed, 65 insertions, 12 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index afc9c861..47af4faf 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -755,9 +755,10 @@ function snort_build_sid_msg_map($rules_path, $sid_file) { if (stristr($file, "deleted")) continue; - /* Read the file into an array, skipping empty lines. */ + /* Read the file into an array, skipping missing files. */ if (!file_exists($file)) continue; + $rules_array = file($file, FILE_SKIP_EMPTY_LINES); $record = ""; $b_Multiline = false; @@ -948,13 +949,11 @@ function snort_load_rules_map($rules_path) { if (stristr($file, "deleted")) continue; - /* Read the file contents into an array, skipping */ - /* empty lines. */ + /* Read the file contents into an array, skipping */ + /* missing files. */ if (!file_exists($file)) continue; - if (!file_exists($file)) - continue; $rules_array = file($file, FILE_SKIP_EMPTY_LINES); $record = ""; $b_Multiline = false; @@ -1331,7 +1330,7 @@ function snort_load_vrt_policy($policy) { /* Release memory we no longer need. */ unset($all_rules_map, $arulem, $arulem2); - + /* Return all the rules that match the policy. */ return $vrt_policy_rules; } @@ -1348,6 +1347,10 @@ function snort_write_enforcing_rules_file(&$rule_map, $rule_path) { $rule_file = "/snort.rules"; + /* If the $rule_map array is empty, then exit. */ + if (empty($rule_map)) + return; + /* See if we were passed a directory or full */ /* filename to write the rules to, and adjust */ /* the destination argument accordingly. */ 
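Review bot: The new `if (empty($rule_map)) return;` guard in the `snort_write_enforcing_rules_file` hunk returns before anything is written and without logging, so an enforcing rules file left by an earlier run would stay on disk unchanged. If the caller does not remove or truncate that file (not visible here), the sensor keeps loading the previous rule set while the configuration says no rules are enabled. Consider logging the condition, for example `log_error("Snort: rule map is empty, enforcing rules file not written");`, and stating in the function comment that an empty map leaves the destination untouched. The function body continues outside the hunk.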
@@ -2153,8 +2156,10 @@ EOD; /* Create an array with the full path filenames of the enabled */ /* rule category files if we have any. */ if (!empty($snortcfg['rulesets'])) { - foreach (explode("||", $snortcfg['rulesets']) as $file) - $enabled_files[] = "{$snortdir}/rules/" . $file; + foreach (explode("||", $snortcfg['rulesets']) as $file) { + if (file_exists("{$snortdir}/rules/" . $file)) + $enabled_files[] = "{$snortdir}/rules/" . $file; + } /* Load our rules map in preparation for writing the enforcing rules file. */ $enabled_rules = snort_load_rules_map($enabled_files); diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index cfa7017d..a3e45b5d 100755 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -335,8 +335,10 @@ function snort_apply_customizations($snortcfg, $if_real) { /* Create an array with the full path filenames of the enabled */ /* rule category files if we have any. */ if (!empty($snortcfg['rulesets'])) { - foreach (explode("||", $snortcfg['rulesets']) as $file) - $enabled_files[] = "{$snortdir}/rules/" . $file; + foreach (explode("||", $snortcfg['rulesets']) as $file) { + if (file_exists()) + $enabled_files[] = "{$snortdir}/rules/" . $file; + } /* Load our rules map in preparation for writing the enforcing rules file. */ $enabled_rules = snort_load_rules_map($enabled_files); 
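Review bot: A rule category that is listed in `$snortcfg['rulesets']` but missing on disk is now skipped without any trace in the `@@ -2153` hunk of snort.inc, which silently reduces detection coverage. Add an `else` branch that calls `log_error()` with the skipped file name so an operator can see that an enabled category was not loaded. The path is also built twice; assigning it once, `$rulefile = "{$snortdir}/rules/" . $file;`, keeps the existence check and the append in sync. The matching loop in snort_check_for_rule_updates.php would take the same treatment.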
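Review bot: `file_exists()` is called with no argument in the `snort_apply_customizations` hunk of snort_check_for_rule_updates.php, so the test can never succeed (a warning and a non-true result on older PHP, an `ArgumentCountError` on PHP 8) and `$enabled_files` stays empty. `snort_load_rules_map($enabled_files)` then receives no category files after a rule update, and, presumably together with the empty-map guard added in snort.inc, the enforcing rules file is not regenerated. The condition should match the snort.inc version of this loop: `if (file_exists("{$snortdir}/rules/" . $file))`. The function starts and ends outside the hunk.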
@@ -369,6 +371,11 @@ function snort_apply_customizations($snortcfg, $if_real) { log_error('Resolving and auto-enabling flowbit required rules for ' . snort_get_friendly_interface($snortcfg['interface']) . '...'); $enabled_files[] = "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/rules/{$snort_enforcing_rules_file}"; snort_write_flowbit_rules_file(snort_resolve_flowbits($enabled_files), "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/rules/{$flowbit_rules_file}"); + if (file_exists("{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/rules/{$flowbit_rules_file}")) { + exec("/usr/bin/grep 'include \$RULE_PATH/{$flowbit_rules_file}' {$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/snort.conf", $out, $rval); + if (empty($out)) + file_put_contents("{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/snort.conf", "include \$RULE_PATH/{$flowbit_rules_file}\n", FILE_APPEND); + } } /* Build a new sid-msg.map file from the enabled rules. */ diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index f332a96d..83e1ea8b 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -100,7 +100,7 @@ if ($currentruleset != 'custom.rules') { if (substr($currentruleset, 0, 10) == "IPS Policy") $rules_map = snort_load_vrt_policy($a_rule[$id]['ips_policy']); elseif (!file_exists($rulefile)) - $input_errors[] = "{$currentruleset} seems to be missing!!! Please go to the Category tab and save again the rule to regenerate it."; + $input_errors[] = "{$currentruleset} seems to be missing!!! Please go to the Category tab and save the rule set again to regenerate it."; else $rules_map = snort_load_rules_map($rulefile); } diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 9c562d31..23a24bea 100755 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php 
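Review bot: The added `exec()` builds a shell command by interpolating `$snortdir`, `$snortcfg['uuid']`, `$if_real` and `$flowbit_rules_file` without `escapeshellarg()`, so a space or shell metacharacter in any of those configuration values changes the command that runs. The check needs no shell: set `$conf = "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/snort.conf";` and test `if (file_exists($conf) && strpos(file_get_contents($conf), "include \$RULE_PATH/{$flowbit_rules_file}") === false)`. As written, `$rval` is never examined, so a grep failure such as a missing snort.conf looks the same as "include not present", and the `FILE_APPEND` write then creates a snort.conf holding only the include line. `snort_apply_customizations` starts and ends outside the hunk.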
@@ -230,7 +230,9 @@ function enable_change() <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <?php $isrulesfolderempty = glob("{$snortdir}/rules/*.rules"); - $iscfgdirempty = glob("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/*.rules"); + $iscfgdirempty = array(); + if (file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/custom.rules")) + $iscfgdirempty = (array)("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/custom.rules"); if (empty($isrulesfolderempty) && empty($iscfgdirempty)): ?> <tr> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index b7fe69e3..995564e2 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 
@@ -1775,5 +1775,44 @@ <config_file>http://www.pfsense.com/packages/config/syslog-ng/syslog-ng.xml</config_file> <configurationfile>syslog-ng.xml</configurationfile> </package> + <package> + <name>Zabbix-2 Agent</name> + <descr>Monitoring agent.</descr> + <category>Services</category> + <config_file>http://www.pfsense.org/packages/config/zabbix2-agent/zabbix2-agent.xml</config_file> + <version>zabbix2-agent-2.0.4 pkg v0.3</version> + <status>BETA</status> + <required_version>2.0</required_version> + <configurationfile>zabbix2-agent.xml</configurationfile> + <maintainer>dbaio@bsd.com.br</maintainer> + <build_port_path>/usr/ports/net-mgmt/zabbix2-agent</build_port_path> + <build_pbi> + <custom_name>zabbix2-agent</custom_name> + <port>net-mgmt/zabbix2-agent</port> + </build_pbi> + <depends_on_package_base_url>http://www.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>zabbix2-agent-2.0.4.tbz</depends_on_package> + <depends_on_package_pbi>zabbix2-agent-2.0.4-amd64.pbi</depends_on_package_pbi> + </package> + <package> + <name>Zabbix-2 Proxy</name> + <descr>Monitoring agent proxy.</descr> + <category>Services</category> + <config_file>http://www.pfsense.org/packages/config/zabbix2-proxy/zabbix2-proxy.xml</config_file> + <version>zabbix2-proxy-2.0.4 pkg v0.3</version> + <status>BETA</status> + <required_version>2.0</required_version> + <configurationfile>zabbix2-proxy.xml</configurationfile> + <maintainer>dbaio@bsd.com.br</maintainer> + <build_port_path>/usr/ports/net-mgmt/zabbix2-proxy</build_port_path> + <build_pbi> + <custom_name>zabbix2-proxy</custom_name> + <port>net-mgmt/zabbix2-proxy</port> + </build_pbi> + <build_options>OPTIONS_SET+= SQLITE;OPTIONS_UNSET+= MYSQL JABBER LDAP</build_options> + <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>zabbix2-proxy-2.0.4.tbz</depends_on_package> + 
<depends_on_package_pbi>zabbix2-proxy-2.0.4-amd64.pbi</depends_on_package_pbi> + </package> </packages> </pfsensepkgs> |
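Review bot: Both new `<package>` entries point `config_file` and `depends_on_package_base_url` at plain `http://` URLs, so the package XML and the `.tbz`/`.pbi` binaries are fetched without transport integrity; whether the installer verifies a checksum or signature afterwards is not visible here. The existing syslog-ng entry in the context lines uses `http://` as well, so this follows the file's convention, but it is worth tracking as a supply-chain item. The two entries also disagree with each other: the Agent uses `http://www.pfsense.org/packages/amd64/8/All/` as base URL while the Proxy uses `http://files.pfsense.org/packages/amd64/8/All/`, and one of them is probably unintended.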