diff options
Diffstat (limited to 'config/snort-dev')
-rw-r--r-- | config/snort-dev/snort.inc | 47 | ||||
-rw-r--r-- | config/snort-dev/snort_download_rules.php | 16 |
2 files changed, 32 insertions, 31 deletions
diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc index a9e876d9..12a68f23 100644 --- a/config/snort-dev/snort.inc +++ b/config/snort-dev/snort.inc @@ -433,22 +433,6 @@ function sync_package_snort() { global $config, $g, $id, $if_real, $interface_fake; conf_mount_rw(); - - /* snort advanced features - bpf tuning */ -// if($bpfbufsize) -// $start .= "sysctl net.bpf.bufsize={$bpfbufsize}\n"; -// if($bpfmaxbufsize) -// $start .= "sysctl net.bpf.maxbufsize={$bpfmaxbufsize}\n"; -// if($bpfmaxinsns) -// $start .= "sysctl net.bpf.maxinsns={$bpfmaxinsns}\n"; - - /* go ahead and issue bpf changes */ -// if($bpfbufsize) -// mwexec_bg("sysctl net.bpf.bufsize={$bpfbufsize}"); -// if($bpfmaxbufsize) -// mwexec_bg("sysctl net.bpf.maxbufsize={$bpfmaxbufsize}"); -// if($bpfmaxinsns) -// mwexec_bg("sysctl net.bpf.maxinsns={$bpfmaxinsns}"); /* RedDevil suggested code */ /* TODO: more testing needs to be done */ @@ -477,7 +461,10 @@ exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); create_snort_conf(); /* create snort.sh file */ - create_snort_sh(); + create_snort_sh(); + + /* if rules exist cp rules to each iface */ + create_rules_iface(); /* create barnyard2 configuration file */ $snortbarnyardlog_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_enable']; @@ -493,6 +480,9 @@ exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); /* create snort.sh file */ create_snort_sh(); + + /* if rules exist cp rules to each iface */ + create_rules_iface(); /* create barnyard2 configuration file */ $snortbarnyardlog_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_enable']; @@ -523,14 +513,25 @@ exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); /* Start of main config files */ /* Start of main config files */ + + /* if rules exist copy to new interfaces */ -$if_rule_dir = "/usr/local/etc/snort/snort_$id$if_real/rules"; -$folder_chk = (count(glob("$if_rule_dir/*")) === 0) ? 'empty' : 'full'; +function create_rules_iface() +{ -if($folder_chk == "empty") { - exec("/bin/cp -R /usr/local/etc/snort/rules /usr/local/etc/snort/snort_$id$if_real"); - if(file_exists("/usr/local/etc/snort/custom_rules/local_$id$if_real.rules")) { - exec("/bin/cp /usr/local/etc/snort/custom_rules/local_$id$if_real.rules /usr/local/etc/snort/snort_$id$if_real/rules/local_$id$if_real.rules"); + global $config, $g, $id, $if_real; + conf_mount_rw(); + + $if_rule_dir = "/usr/local/etc/snort/snort_$id$if_real/rules"; + $folder_chk = (count(glob("$if_rule_dir/*")) === 0) ? 'empty' : 'full'; + + if ($folder_chk == "empty") + { + exec("/bin/cp -R /usr/local/etc/snort/rules /usr/local/etc/snort/snort_$id$if_real"); + if (file_exists("/usr/local/etc/snort/custom_rules/local_$id$if_real.rules")) + { + exec("/bin/cp /usr/local/etc/snort/custom_rules/local_$id$if_real.rules /usr/local/etc/snort/snort_$id$if_real/rules/local_$id$if_real.rules"); + } } } diff --git a/config/snort-dev/snort_download_rules.php b/config/snort-dev/snort_download_rules.php index 576e0dff..83e11e05 100644 --- a/config/snort-dev/snort_download_rules.php +++ b/config/snort-dev/snort_download_rules.php @@ -183,7 +183,7 @@ include("/usr/local/www/head.inc"); function displaymessage() { - $.blockUI.defaults.message = "Please be patient ROB..."; + $.blockUI.defaults.message = "Please be patient...."; $.blockUI({ @@ -1080,13 +1080,13 @@ if ($snort_md5_check_ok != on || $emerg_md5_check_chk_ok != on || $pfsense_md5_c $config['installedpackages']['snortglobal']['last_rules_install'] = date("Y-M-jS-h:i-A"); /* remove old $tmpfname files */ -//if (file_exists("{$tmpfname}")) { -// update_status(gettext("Cleaning up...")); -// exec("/bin/rm -r /tmp/snort_rules_up"); -// sleep(2); -// exec("/bin/rm -r {$snortdir}/rules_bk/rules/"); -// apc_clear_cache(); -//} +if (file_exists("{$tmpfname}")) { + update_status(gettext("Cleaning up...")); + exec("/bin/rm -r /tmp/snort_rules_up"); + sleep(2); + exec("/bin/rm -r {$snortdir}/rules_bk/rules/"); + apc_clear_cache(); +} /* php code to flush out cache some people are reportting missing files this might help */ sleep(2); |