diff options
Diffstat (limited to 'config/snort-old/snort.xml')
| -rw-r--r-- | config/snort-old/snort.xml | 378 |
1 files changed, 378 insertions, 0 deletions
diff --git a/config/snort-old/snort.xml b/config/snort-old/snort.xml new file mode 100644 index 00000000..3bc40fce --- /dev/null +++ b/config/snort-old/snort.xml @@ -0,0 +1,378 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + authng.xml + part of pfSense (http://www.pfsense.com) + Copyright (C) 2007 to whom it may belong + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>Snort</name> + <version>2.8.4.1_5</version> + <title>Services: Snort 2.8.4.1_5 pkg v. 1.8</title> + <include_file>/usr/local/pkg/snort.inc</include_file> + <menu> + <name>Snort</name> + <tooltiptext>Setup snort specific settings</tooltiptext> + <section>Services</section> + <url>/pkg_edit.php?xml=snort.xml&id=0</url> + </menu> + <service> + <name>snort</name> + <rcfile>snort.sh</rcfile> + <executable>snort</executable> + <description>Snort is the most widely deployed IDS/IPS technology worldwide..</description> + </service> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=snort.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Update Rules</text> + <url>/snort_download_rules.php</url> + </tab> + <tab> + <text>Categories</text> + <url>/snort_rulesets.php</url> + </tab> + <tab> + <text>Rules</text> + <url>/snort_rules.php</url> + </tab> + <tab> + <text>Servers</text> + <url>/pkg_edit.php?xml=snort_define_servers.xml&id=0</url> + </tab> + <tab> + <text>Blocked</text> + <url>/snort_blocked.php</url> + </tab> + <tab> + <text>Whitelist</text> + <url>/pkg.php?xml=snort_whitelist.xml</url> + </tab> + <tab> + <text>Threshold</text> + <url>/pkg.php?xml=snort_threshold.xml</url> + </tab> + <tab> + <text>Alerts</text> + <url>/snort_alerts.php</url> + </tab> + <tab> + <text>Advanced</text> + <url>/pkg_edit.php?xml=snort_advanced.xml&id=0</url> + </tab> + </tabs> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/bin/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/bin/barnyard2</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/bin/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/bin/oinkmaster_contrib/create-sidmap.pl</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/bin/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/bin/oinkmaster_contrib/oinkmaster.pl</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_download_rules.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_rules.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_rules_edit.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_rulesets.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_whitelist.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_blocked.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_check_for_rule_updates.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_alerts.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/pf/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_dynamic_ip_reload.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_advanced.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_define_servers.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/snort_threshold.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort-old/pfsense_rules/local.rules</item> + </additional_files_needed> + <fields> + <field> + <fielddescr>Interface</fielddescr> + <fieldname>iface_array</fieldname> + <description>Select the interface(s) Snort will listen on.</description> + <type>interfaces_selection</type> + <size>3</size> + <value>lan</value> + <multiple>true</multiple> + </field> + <field> + <fielddescr>Memory Performance</fielddescr> + <fieldname>performance</fieldname> + <description>Lowmem and ac-bnfa are recommended for low end systems, Ac: high memory, best performance, ac-std: moderate memory,high performance, acs: small memory, moderateperformance, ac-banded: small memory,moderate performance, ac-sparsebands: small memory, high performance.</description> + <type>select</type> + <options> + <option> + <name>ac-bnfa</name> + <value>ac-bnfa</value> + </option> + <option> + <name>lowmem</name> + <value>lowmem</value> + </option> + <option> + <name>ac-std</name> + <value>ac-std</value> + </option> + <option> + <name>ac</name> + <value>ac</value> + </option> + <option> + <name>ac-banded</name> + <value>ac-banded</value> + </option> + <option> + <name>ac-sparsebands</name> + <value>ac-sparsebands</value> + </option> + <option> + <name>acs</name> + <value>acs</value> + </option> + </options> + </field> + <field> + <fielddescr>Oinkmaster code</fielddescr> + <fieldname>oinkmastercode</fieldname> + <description>Obtain a snort.org Oinkmaster code and paste here.</description> + <type>input</type> + <size>60</size> + <value></value> + </field> + <field> + <fielddescr>Snort.org subscriber</fielddescr> + <fieldname>subscriber</fieldname> + <description>Check this box if you are a Snort.org subscriber (premium rules).</description> + <type>checkbox</type> + <size>60</size> + </field> + <field> + <fielddescr>Block offenders</fielddescr> + <fieldname>blockoffenders7</fieldname> + <description>Checking this option will automatically block hosts that generate a snort alert.</description> + <type>checkbox</type> + <size>60</size> + </field> + <field> + <fielddescr>Remove blocked hosts every</fielddescr> + <fieldname>rm_blocked</fieldname> + <description>Please select the amount of time hosts are blocked</description> + <type>select</type> + <options> + <option> + <name>never</name> + <value>never_b</value> + </option> + <option> + <name>1 hour</name> + <value>1h_b</value> + </option> + <option> + <name>3 hours</name> + <value>3h_b</value> + </option> + <option> + <name>6 hours</name> + <value>6h_b</value> + </option> + <option> + <name>12 hours</name> + <value>12h_b</value> + </option> + <option> + <name>1 day</name> + <value>1d_b</value> + </option> + <option> + <name>4 days</name> + <value>4d_b</value> + </option> + <option> + <name>7 days</name> + <value>7d_b</value> + </option> + <option> + <name>28 days</name> + <value>28d_b</value> + </option> + </options> + </field> + <field> + </field> + <field> + <fielddescr>Update rules automatically</fielddescr> + <fieldname>autorulesupdate7</fieldname> + <description>Please select the update times for rules.</description> + <type>select</type> + <options> + <option> + <name>never</name> + <value>never_up</value> + </option> + <option> + <name>6 hours</name> + <value>6h_up</value> + </option> + <option> + <name>12 hours</name> + <value>12h_up</value> + </option> + <option> + <name>1 day</name> + <value>1d_up</value> + </option> + <option> + <name>4 days</name> + <value>4d_up</value> + </option> + <option> + <name>7 days</name> + <value>7d_up</value> + </option> + <option> + <name>28 days</name> + <value>28d_up</value> + </option> + </options> + </field> + <field> + <fielddescr>Whitelist VPNs automatically</fielddescr> + <fieldname>whitelistvpns</fieldname> + <description>Checking this option will install whitelists for all VPNs.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Convert Snort alerts urls to clickable links</fielddescr> + <fieldname>clickablalerteurls</fieldname> + <description>Checking this option will automatically convert URLs in the Snort alerts tab to clickable links.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Associate events on Blocked tab</fielddescr> + <fieldname>associatealertip</fieldname> + <description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Install emergingthreats rules.</fielddescr> + <fieldname>emergingthreats</fieldname> + <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description> + <type>checkbox</type> + </field> + </fields> + <custom_php_resync_config_command> + sync_package_snort(); + </custom_php_resync_config_command> + <custom_add_php_command> + </custom_add_php_command> + <custom_php_install_command> + sync_package_snort_reinstall(); + </custom_php_install_command> + <custom_php_deinstall_command> + snort_deinstall(); + </custom_php_deinstall_command> +</packagegui> |