aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort/snort.xml
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort/snort.xml')
-rw-r--r--config/snort/snort.xml333
1 files changed, 77 insertions, 256 deletions
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index 763f65eb..502438c2 100644
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -46,73 +46,32 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>Snort</name>
- <version>2.8.4.1_5</version>
- <title>Services: Snort 2.8.4.1_5 pkg v. 1.6</title>
- <include_file>/usr/local/pkg/snort.inc</include_file>
+ <version>2.8.5.3</version>
+ <title>Services: Snort 2.8.5.2 pkg v. 1.19</title>
+ <include_file>/usr/local/pkg/snort/snort.inc</include_file>
<menu>
<name>Snort</name>
<tooltiptext>Setup snort specific settings</tooltiptext>
<section>Services</section>
- <url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
+ <url>/snort/snort_interfaces.php</url>
</menu>
<service>
<name>snort</name>
- <rcfile>snort.sh</rcfile>
+ <rcfile></rcfile>
<executable>snort</executable>
- <description>Snort is the most widely deployed IDS/IPS technology worldwide..</description>
+ <description>Snort is the most widely deployed IDS/IPS technology worldwide.</description>
</service>
<tabs>
- <tab>
- <text>Settings</text>
- <url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
- <active/>
- </tab>
- <tab>
- <text>Update Rules</text>
- <url>/snort_download_rules.php</url>
- </tab>
- <tab>
- <text>Categories</text>
- <url>/snort_rulesets.php</url>
- </tab>
- <tab>
- <text>Rules</text>
- <url>/snort_rules.php</url>
- </tab>
- <tab>
- <text>Servers</text>
- <url>/pkg_edit.php?xml=snort_define_servers.xml&amp;id=0</url>
- </tab>
- <tab>
- <text>Blocked</text>
- <url>/snort_blocked.php</url>
- </tab>
- <tab>
- <text>Whitelist</text>
- <url>/pkg.php?xml=snort_whitelist.xml</url>
- </tab>
- <tab>
- <text>Threshold</text>
- <url>/pkg.php?xml=snort_threshold.xml</url>
- </tab>
- <tab>
- <text>Alerts</text>
- <url>/snort_alerts.php</url>
- </tab>
- <tab>
- <text>Advanced</text>
- <url>/pkg_edit.php?xml=snort_advanced.xml&amp;id=0</url>
- </tab>
</tabs>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/pkg/snort/</prefix>
<chmod>077</chmod>
<item>http://www.pfsense.com/packages/config/snort/snort.inc</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/bin/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/bin/barnyard2</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_fbegin.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/bin/</prefix>
@@ -123,256 +82,118 @@
<prefix>/usr/local/bin/</prefix>
<chmod>077</chmod>
<item>http://www.pfsense.com/packages/config/snort/bin/oinkmaster_contrib/oinkmaster.pl</item>
- </additional_files_needed>
+ </additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
+ <prefix>/usr/local/bin/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_download_rules.php</item>
+ <item>http://www.pfsense.com/packages/config/snort/bin/oinkmaster_contrib/snort_rename.pl</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
+ <prefix>/usr/local/pkg/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_rules.php</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_gui.inc</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
+ <prefix>/usr/local/pkg/pf/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_rules_edit.php</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
+ <prefix>/usr/local/pkg/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_rulesets.php</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_whitelist.xml</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_whitelist.xml</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_alerts.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_barnyard.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
<item>http://www.pfsense.com/packages/config/snort/snort_blocked.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_define_servers.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_download_rules.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/snort/</prefix>
<chmod>077</chmod>
<item>http://www.pfsense.com/packages/config/snort/snort_check_for_rule_updates.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_alerts.php</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_help_info.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/pf/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php</item>
+ <item>http://www.pfsense.com/packages/config/snort/help_and_info.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_interfaces.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_interfaces_edit.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_interfaces_global.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_advanced.xml</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_rules.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_define_servers.xml</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_rules_edit.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/snort_threshold.xml</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_rulesets.php</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
+ <prefix>/usr/local/www/snort/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/snort/pfsense_rules/local.rules</item>
+ <item>http://www.pfsense.com/packages/config/snort/snort_preprocessors.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/etc/rc.d/</prefix>
+ <chmod>755</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort.sh</item>
</additional_files_needed>
<fields>
- <field>
- <fielddescr>Interface</fielddescr>
- <fieldname>iface_array</fieldname>
- <description>Select the interface(s) Snort will listen on.</description>
- <type>interfaces_selection</type>
- <size>3</size>
- <value>lan</value>
- <multiple>true</multiple>
- </field>
- <field>
- <fielddescr>Memory Performance</fielddescr>
- <fieldname>performance</fieldname>
- <description>Lowmem and ac-bnfa are recommended for low end systems, Ac: high memory, best performance, ac-std: moderate memory,high performance, acs: small memory, moderateperformance, ac-banded: small memory,moderate performance, ac-sparsebands: small memory, high performance.</description>
- <type>select</type>
- <options>
- <option>
- <name>ac-bnfa</name>
- <value>ac-bnfa</value>
- </option>
- <option>
- <name>lowmem</name>
- <value>lowmem</value>
- </option>
- <option>
- <name>ac-std</name>
- <value>ac-std</value>
- </option>
- <option>
- <name>ac</name>
- <value>ac</value>
- </option>
- <option>
- <name>ac-banded</name>
- <value>ac-banded</value>
- </option>
- <option>
- <name>ac-sparsebands</name>
- <value>ac-sparsebands</value>
- </option>
- <option>
- <name>acs</name>
- <value>acs</value>
- </option>
- </options>
- </field>
- <field>
- <fielddescr>Oinkmaster code</fielddescr>
- <fieldname>oinkmastercode</fieldname>
- <description>Obtain a snort.org Oinkmaster code and paste here.</description>
- <type>input</type>
- <size>60</size>
- <value></value>
- </field>
- <field>
- <fielddescr>Snort.org subscriber</fielddescr>
- <fieldname>subscriber</fieldname>
- <description>Check this box if you are a Snort.org subscriber (premium rules).</description>
- <type>checkbox</type>
- <size>60</size>
- </field>
- <field>
- <fielddescr>Block offenders</fielddescr>
- <fieldname>blockoffenders7</fieldname>
- <description>Checking this option will automatically block hosts that generate a snort alert.</description>
- <type>checkbox</type>
- <size>60</size>
- </field>
- <field>
- <fielddescr>Remove blocked hosts every</fielddescr>
- <fieldname>rm_blocked</fieldname>
- <description>Please select the amount of time hosts are blocked</description>
- <type>select</type>
- <options>
- <option>
- <name>never</name>
- <value>never_b</value>
- </option>
- <option>
- <name>1 hour</name>
- <value>1h_b</value>
- </option>
- <option>
- <name>3 hours</name>
- <value>3h_b</value>
- </option>
- <option>
- <name>6 hours</name>
- <value>6h_b</value>
- </option>
- <option>
- <name>12 hours</name>
- <value>12h_b</value>
- </option>
- <option>
- <name>1 day</name>
- <value>1d_b</value>
- </option>
- <option>
- <name>4 days</name>
- <value>4d_b</value>
- </option>
- <option>
- <name>7 days</name>
- <value>7d_b</value>
- </option>
- <option>
- <name>28 days</name>
- <value>28d_b</value>
- </option>
- </options>
- </field>
- <field>
- </field>
- <field>
- <fielddescr>Update rules automatically</fielddescr>
- <fieldname>autorulesupdate7</fieldname>
- <description>Please select the update times for rules.</description>
- <type>select</type>
- <options>
- <option>
- <name>never</name>
- <value>never_up</value>
- </option>
- <option>
- <name>6 hours</name>
- <value>6h_up</value>
- </option>
- <option>
- <name>12 hours</name>
- <value>12h_up</value>
- </option>
- <option>
- <name>1 day</name>
- <value>1d_up</value>
- </option>
- <option>
- <name>4 days</name>
- <value>4d_up</value>
- </option>
- <option>
- <name>7 days</name>
- <value>7d_up</value>
- </option>
- <option>
- <name>28 days</name>
- <value>28d_up</value>
- </option>
- </options>
- </field>
- <field>
- <fielddescr>Whitelist VPNs automatically</fielddescr>
- <fieldname>whitelistvpns</fieldname>
- <description>Checking this option will install whitelists for all VPNs.</description>
- <type>checkbox</type>
- </field>
- <field>
- <fielddescr>Convert Snort alerts urls to clickable links</fielddescr>
- <fieldname>clickablalerteurls</fieldname>
- <description>Checking this option will automatically convert URLs in the Snort alerts tab to clickable links.</description>
- <type>checkbox</type>
- </field>
- <field>
- <fielddescr>Associate events on Blocked tab</fielddescr>
- <fieldname>associatealertip</fieldname>
- <description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description>
- <type>checkbox</type>
- </field>
- <field>
- <fielddescr>Install emergingthreats rules.</fielddescr>
- <fieldname>emergingthreats</fieldname>
- <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description>
- <type>checkbox</type>
- </field>
- </fields>
- <custom_php_resync_config_command>
- sync_package_snort();
- </custom_php_resync_config_command>
+ </fields>
<custom_add_php_command>
</custom_add_php_command>
- <custom_php_install_command>
- sync_package_snort_reinstall();
- </custom_php_install_command>
+ <custom_php_resync_config_command>
+ sync_snort_package();
+ </custom_php_resync_config_command>
+ <custom_php_install_command>
+ snort_postinstall();
+ </custom_php_install_command>
<custom_php_deinstall_command>
snort_deinstall();
</custom_php_deinstall_command>
-</packagegui> \ No newline at end of file
+</packagegui>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 21:14:12 +0000