-rwxr-xr-xconfig/snort/snort.inc73
-rwxr-xr-xconfig/snort/snort.xml2
-rw-r--r--config/snort/snort_interfaces_global.php52
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
5 files changed, 82 insertions, 49 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index ff822085..9988ad48 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -44,7 +44,7 @@ global $snort_community_rules_filename, $snort_community_rules_url, $emergingthr
/* package version */
$snort_version = "2.9.4.1";
-$pfSense_snort_version = "2.5.5";
+$pfSense_snort_version = "2.5.6";
$snort_package_version = "Snort {$snort_version} pkg v. {$pfSense_snort_version}";
// Define SNORTDIR and SNORTLIBDIR constants according to FreeBSD version (PBI support or no PBI)
@@ -1572,8 +1572,9 @@ function snort_create_rc() {
if [ ! -f {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid ]; then
/bin/pgrep -xf '/usr/local/bin/barnyard2 -r {$snort_uuid} -f snort_{$snort_uuid}_{$if_real}.u2 --pid-path {$g['varrun_path']} --nolock-pidfile -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort/snort_{$if_real}{$snort_uuid} -D -q' > {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid
+ else
+ /bin/pgrep -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid
fi
- /bin/pgrep -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid
if [ $? = 0 ]; then
/bin/pkill -HUP -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid -a
else
@@ -1584,10 +1585,30 @@ EOE;
$stop_barnyard2 = <<<EOE
if [ -f {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid ]; then
+ pid=`/bin/pgrep -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid`
/bin/pkill -F {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid -a
- /bin/rm /var/run/barnyard2_{$if_real}{$snort_uuid}.pid
+ time=0 timeout=30
+ while kill -0 \$pid 2>/dev/null; do
+ sleep 1
+ time=\$((time+1))
+ if [ \$time -gt \$timeout ]; then
+ break
+ fi
+ done
+ if [ -f /var/run/barnyard2_{$if_real}{$snort_uuid}.pid ]; then
+ /bin/rm /var/run/barnyard2_{$if_real}{$snort_uuid}.pid
+ fi
else
+ pid=`/bin/pgrep -xf '/usr/local/bin/barnyard2 -r {$snort_uuid} -f snort_{$snort_uuid}_{$if_real}.u2 --pid-path {$g['varrun_path']} --nolock-pidfile -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort/snort_{$if_real}{$snort_uuid} -D -q'`
/bin/pkill -xf '/usr/local/bin/barnyard2 -r {$snort_uuid} -f snort_{$snort_uuid}_{$if_real}.u2 --pid-path {$g['varrun_path']} --nolock-pidfile -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort/snort_{$if_real}{$snort_uuid} -D -q'
+ time=0 timeout=30
+ while kill -0 \$pid 2>/dev/null; do
+ sleep 1
+ time=\$((time+1))
+ if [ \$time -gt \$timeout ]; then
+ break
+ fi
+ done
fi
EOE;
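Review bot: The new cleanup in `$stop_barnyard2` tests and removes `/var/run/barnyard2_{$if_real}{$snort_uuid}.pid`, while the guard and the `pkill -F` just above it use `{$g['varrun_path']}`; if the two paths ever differ, the stale pid file is never removed. The wait loop also gives up silently after 30 seconds, and the pid file is then deleted even though the process may still be alive, so a hung barnyard2 becomes untracked and leaves no trace in the log. I would remove the file with `/bin/rm -f {$g['varrun_path']}/barnyard2_{$if_real}{$snort_uuid}.pid`, guard that with `if ! kill -0 \$pid 2>/dev/null; then`, and put `/usr/bin/logger -p daemon.info -i -t SnortStartup "barnyard2 did not exit within \$timeout seconds"` before the `break`. The same points apply to the Snort stop block in the `@@ -1623,10 +1636,30 @@` hunk.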
@@ -1599,20 +1620,12 @@ EOE;
$start_snort_iface_start[] = <<<EOE
###### For Each Iface
-#### Only try to restart if snort is running on Iface
- if [ ! -f {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid ]; then
- /bin/pgrep -xf '/usr/local/bin/snort -R {$snort_uuid} -D -q -l /var/log/snort/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}' > {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid
- fi
- /bin/pgrep -nF {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid
- if [ $? = 0 ]; then
- /bin/pkill -HUP -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a
- /usr/bin/logger -p daemon.info -i -t SnortStartup "Snort SOFT START For {$value['descr']}({$snort_uuid}_{$if_real})..."
- else
- # Start snort and barnyard2
+ # Start snort and barnyard2
+ if [ -f {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid ]; then
/bin/rm {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid
- /usr/local/bin/snort -R {$snort_uuid} -D -q -l /var/log/snort/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}
- /usr/bin/logger -p daemon.info -i -t SnortStartup "Snort START For {$value['descr']}({$snort_uuid}_{$if_real})..."
fi
+ /usr/local/bin/snort -R {$snort_uuid} -D -q -l /var/log/snort/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}
+ /usr/bin/logger -p daemon.info -i -t SnortStartup "Snort START For {$value['descr']}({$snort_uuid}_{$if_real})..."
sleep 2
{$start_barnyard2}
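Review bot: The rewritten start block deletes an existing `snort_{$if_real}{$snort_uuid}.pid` and launches Snort without checking whether the process recorded in that file is still alive; the removed code made that check with `pgrep -nF`. If this path is reached while an instance is still running (for example after the stop loop added in this commit hits its 30-second timeout), a second Snort would be started against the same interface and log directory, and the first one loses its pid file. A liveness test before the `rm` keeps the sensor to one instance per interface and records the skipped start in syslog. The heredoc starts before this hunk and continues after it.

```php
	# Start snort and barnyard2
	if /bin/pgrep -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid > /dev/null 2>&1; then
		/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort already running for {$value['descr']}({$snort_uuid}_{$if_real}), start skipped"
	else
		/bin/rm -f {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid
		# … unchanged: /usr/local/bin/snort command line and the "Snort START" logger line …
	fi
```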
@@ -1623,10 +1636,30 @@ EOE;
/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort STOP For {$value['descr']}({$snort_uuid}_{$if_real})..."
if [ -f {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid ]; then
+ pid=`/bin/pgrep -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid`
/bin/pkill -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a
- /bin/rm /var/run/snort_{$if_real}{$snort_uuid}.pid
- else
+ time=0 timeout=30
+ while kill -0 \$pid 2>/dev/null; do
+ sleep 1
+ time=\$((time+1))
+ if [ \$time -gt \$timeout ]; then
+ break
+ fi
+ done
+ if [ -f /var/run/snort_{$if_real}{$snort_uuid}.pid ]; then
+ /bin/rm /var/run/snort_{$if_real}{$snort_uuid}.pid
+ fi
+ else
+ pid=`/bin/pgrep -xf '/usr/local/bin/snort -R {$snort_uuid} -D -q -l /var/log/snort/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}'`
/bin/pkill -xf '/usr/local/bin/snort -R {$snort_uuid} -D -q -l /var/log/snort/snort_{$if_real}{$snort_uuid} --pid-path {$g['varrun_path']} --nolock-pidfile -G {$snort_uuid} -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}'
+ time=0 timeout=30
+ while kill -0 \$pid 2>/dev/null; do
+ sleep 1
+ time=\$((time+1))
+ if [ \$time -gt \$timeout ]; then
+ break
+ fi
+ done
fi
sleep 2
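Review bot: The 30-second wait loop is now pasted four times, twice in this block and twice in `$stop_barnyard2`, so any later fix has to be made in four places; emitting it once as a shell function in the generated script would be easier to maintain, assuming the script header outside this hunk has room for it. `\$pid` is also used unquoted and unchecked. When `pgrep` matches nothing, the loop is skipped only because `kill -0` without a pid fails. When `pgrep -xf` matches more than one process, `kill -0` receives a list, and its exit status for a partly dead list should be confirmed. At minimum I would add a comment above the loop such as `# pid may be empty or hold several pids; an empty value skips the wait`.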
@@ -1728,6 +1761,9 @@ config interface: {$if_real}
config decode_data_link
config waldo_file: /var/log/snort/snort_{$if_real}{$snort_uuid}/barnyard2/{$snort_uuid}_{$if_real}.waldo
+# Show year in timestamps
+config show_year
+
## START user pass through ##
{$snortbarnyardlog_config_pass_thru}
@@ -2626,6 +2662,9 @@ config pcre_match_limit_recursion: 1500
config detection: search-method {$snort_performance} search-optimize max-pattern-len 20 max_queue_events 5
config event_queue: max_queue 8 log 5 order_events content_length
+# Configure to show year in timestamps
+config show_year
+
# Configure protocol aware flushing #
# For more information see README.stream5 #
config paf_max: 16000
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index fff8d251..1419e3bd 100755
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -47,7 +47,7 @@
<faq>Currently there are no FAQ items provided.</faq>
<name>Snort</name>
<version>2.9.4.1</version>
- <title>Services:2.9.4.1 pkg v. 2.5.5</title>
+ <title>Services:2.9.4.1 pkg v. 2.5.6</title>
<include_file>/usr/local/pkg/snort/snort.inc</include_file>
<menu>
<name>Snort</name>
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php
index 9c63ac04..46ee57ab 100644
--- a/config/snort/snort_interfaces_global.php
+++ b/config/snort/snort_interfaces_global.php
@@ -244,35 +244,29 @@ function enable_snort_vrt(btn) {
<span class="red"><strong><?php echo gettext("Note"); ?></span>:</strong><br>
<?php echo gettext("Available space is"); ?> <strong><?php echo $snortlogCurrentDSKsize; ?>&nbsp;MB</strong></td>
<td width="78%" class="vtable">
- <table cellpadding="0" cellspacing="0">
- <tr>
- <td colspan="2"><input name="snortloglimit" type="radio"
- id="snortloglimit" value="on"
-<?php if($pconfig['snortloglimit']=='on') echo 'checked'; ?>><span class="vexpl">
- <strong><?php echo gettext("Enable"); ?></strong> <?php echo gettext("directory size limit"); ?> (<strong><?php echo gettext("Default"); ?></strong>)</span></td>
- </tr>
- <tr>
- <td colspan="2"><input name="snortloglimit" type="radio"
- id="snortloglimit" value="off"
-<?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>> <span class="vexpl"><strong><?php echo gettext("Disable"); ?></strong>
- <?php echo gettext("directory size limit"); ?></span><br>
- <br>
- <span class="red"><strong><?php echo gettext("Warning"); ?></span>:</strong> <?php echo gettext("Nanobsd " .
- "should use no more than 10MB of space."); ?></td>
- </tr>
- <tr>
- <td>&nbsp;</td>
- </tr>
- </table>
- <table width="100%" border="0" cellpadding="2" cellspacing="0">
- <tr>
- <td><span class="vexpl"><?php echo gettext("Size in"); ?> <strong>MB</strong><span></td>
- <td><input name="snortloglimitsize" type="text" class="formfld" id="snortloglimitsize" size="7" value="
- <?=htmlspecialchars($pconfig['snortloglimitsize']);?>">&nbsp;&nbsp;
- <?php printf(gettext("Default is %s20%%%s of available space."), '<strong>', '</strong>'); ?></td>
- </tr>
- </table>
-
+ <table cellpadding="0" cellspacing="0">
+ <tr>
+ <td colspan="2"><input name="snortloglimit" type="radio" id="snortloglimit" value="on"
+ <?php if($pconfig['snortloglimit']=='on') echo 'checked'; ?>><span class="vexpl">
+ <strong><?php echo gettext("Enable"); ?></strong> <?php echo gettext("directory size limit"); ?> (<strong><?php echo gettext("Default"); ?></strong>)</span></td>
+ </tr>
+ <tr>
+ <td colspan="2"><input name="snortloglimit" type="radio" id="snortloglimit" value="off"
+ <?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>> <span class="vexpl"><strong><?php echo gettext("Disable"); ?></strong>
+ <?php echo gettext("directory size limit"); ?></span><br>
+ <br>
+ <span class="red"><strong><?php echo gettext("Warning"); ?></span>:</strong> <?php echo gettext("Nanobsd " .
+ "should use no more than 10MB of space."); ?></td>
+ </tr>
+ </table>
+ <table width="100%" border="0" cellpadding="2" cellspacing="0">
+ <tr>
+ <td><span class="vexpl"><?php echo gettext("Size in"); ?> <strong>MB</strong></span></td>
+ <td><input name="snortloglimitsize" type="text" class="formfld" id="snortloglimitsize" size="10" value="<?=htmlspecialchars($pconfig['snortloglimitsize']);?>">
+ &nbsp;&nbsp;<?php printf(gettext("Default is %s20%%%s of available space."), '<strong>', '</strong>'); ?></td>
+ </tr>
+ </table>
+ </td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?php echo gettext("Remove blocked hosts " .
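Review bot: Both radio inputs in the re-indented table still carry `id="snortloglimit"`, so the document has a duplicate id and `getElementById` or a `<label for>` can only ever reach the first one; distinct ids such as `id="snortloglimit_on"` and `id="snortloglimit_off"` would fix that while the shared `name` keeps them grouped. The warning line also still closes `</span>` before `</strong>` in `<span class="red"><strong>…</span>:</strong>`, which is mis-nested even though the commit repairs the neighbouring `</span>` on the "Size in MB" cell. The output escaping of `snortloglimitsize` with `htmlspecialchars()` is kept, which is the right call for a value echoed into an attribute.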
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index af5e6e0a..d97d93f1 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -512,7 +512,7 @@
<!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. -->
<build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL;snort_UNSET=TARGETBASED PERFPROFILE REACT;snort_SET=DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITHOUT_TARGETBASED=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITHOUT_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.9.4.1 pkg v. 2.5.5</version>
+ <version>2.9.4.1 pkg v. 2.5.6</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 3eb488f4..c831b5f0 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -499,7 +499,7 @@
<!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. -->
<build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL;snort_UNSET=TARGETBASED PERFPROFILE REACT;snort_SET=DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITHOUT_TARGETBASED=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITHOUT_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.9.4.1 pkg v. 2.5.5</version>
+ <version>2.9.4.1 pkg v. 2.5.6</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>