diff options
Diffstat (limited to 'config/snort/snort.xml')
-rw-r--r-- | config/snort/snort.xml | 333 |
1 files changed, 77 insertions, 256 deletions
diff --git a/config/snort/snort.xml b/config/snort/snort.xml index 763f65eb..502438c2 100644 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -46,73 +46,32 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>Snort</name> - <version>2.8.4.1_5</version> - <title>Services: Snort 2.8.4.1_5 pkg v. 1.6</title> - <include_file>/usr/local/pkg/snort.inc</include_file> + <version>2.8.5.3</version> + <title>Services: Snort 2.8.5.2 pkg v. 1.19</title> + <include_file>/usr/local/pkg/snort/snort.inc</include_file> <menu> <name>Snort</name> <tooltiptext>Setup snort specific settings</tooltiptext> <section>Services</section> - <url>/pkg_edit.php?xml=snort.xml&id=0</url> + <url>/snort/snort_interfaces.php</url> </menu> <service> <name>snort</name> - <rcfile>snort.sh</rcfile> + <rcfile></rcfile> <executable>snort</executable> - <description>Snort is the most widely deployed IDS/IPS technology worldwide..</description> + <description>Snort is the most widely deployed IDS/IPS technology worldwide.</description> </service> <tabs> - <tab> - <text>Settings</text> - <url>/pkg_edit.php?xml=snort.xml&id=0</url> - <active/> - </tab> - <tab> - <text>Update Rules</text> - <url>/snort_download_rules.php</url> - </tab> - <tab> - <text>Categories</text> - <url>/snort_rulesets.php</url> - </tab> - <tab> - <text>Rules</text> - <url>/snort_rules.php</url> - </tab> - <tab> - <text>Servers</text> - <url>/pkg_edit.php?xml=snort_define_servers.xml&id=0</url> - </tab> - <tab> - <text>Blocked</text> - <url>/snort_blocked.php</url> - </tab> - <tab> - <text>Whitelist</text> - <url>/pkg.php?xml=snort_whitelist.xml</url> - </tab> - <tab> - <text>Threshold</text> - <url>/pkg.php?xml=snort_threshold.xml</url> - </tab> - <tab> - <text>Alerts</text> - <url>/snort_alerts.php</url> - </tab> - <tab> - <text>Advanced</text> - <url>/pkg_edit.php?xml=snort_advanced.xml&id=0</url> - </tab> </tabs> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/pkg/snort/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort/snort.inc</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/bin/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/bin/barnyard2</item> + <item>http://www.pfsense.com/packages/config/snort/snort_fbegin.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/bin/</prefix> @@ -123,256 +82,118 @@ <prefix>/usr/local/bin/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort/bin/oinkmaster_contrib/oinkmaster.pl</item> - </additional_files_needed> + </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> + <prefix>/usr/local/bin/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_download_rules.php</item> + <item>http://www.pfsense.com/packages/config/snort/bin/oinkmaster_contrib/snort_rename.pl</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> + <prefix>/usr/local/pkg/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_rules.php</item> + <item>http://www.pfsense.com/packages/config/snort/snort_gui.inc</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> + <prefix>/usr/local/pkg/pf/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_rules_edit.php</item> + <item>http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> + <prefix>/usr/local/pkg/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_rulesets.php</item> + <item>http://www.pfsense.com/packages/config/snort/snort_whitelist.xml</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_whitelist.xml</item> + <item>http://www.pfsense.com/packages/config/snort/snort_alerts.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_barnyard.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort/snort_blocked.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_define_servers.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_download_rules.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/snort/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort/snort_check_for_rule_updates.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_alerts.php</item> + <item>http://www.pfsense.com/packages/config/snort/snort_help_info.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/pf/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_dynamic_ip_reload.php</item> + <item>http://www.pfsense.com/packages/config/snort/help_and_info.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_interfaces.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_interfaces_edit.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_interfaces_global.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_advanced.xml</item> + <item>http://www.pfsense.com/packages/config/snort/snort_rules.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_define_servers.xml</item> + <item>http://www.pfsense.com/packages/config/snort/snort_rules_edit.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/snort_threshold.xml</item> + <item>http://www.pfsense.com/packages/config/snort/snort_rulesets.php</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort/pfsense_rules/local.rules</item> + <item>http://www.pfsense.com/packages/config/snort/snort_preprocessors.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/etc/rc.d/</prefix> + <chmod>755</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort.sh</item> </additional_files_needed> <fields> - <field> - <fielddescr>Interface</fielddescr> - <fieldname>iface_array</fieldname> - <description>Select the interface(s) Snort will listen on.</description> - <type>interfaces_selection</type> - <size>3</size> - <value>lan</value> - <multiple>true</multiple> - </field> - <field> - <fielddescr>Memory Performance</fielddescr> - <fieldname>performance</fieldname> - <description>Lowmem and ac-bnfa are recommended for low end systems, Ac: high memory, best performance, ac-std: moderate memory,high performance, acs: small memory, moderateperformance, ac-banded: small memory,moderate performance, ac-sparsebands: small memory, high performance.</description> - <type>select</type> - <options> - <option> - <name>ac-bnfa</name> - <value>ac-bnfa</value> - </option> - <option> - <name>lowmem</name> - <value>lowmem</value> - </option> - <option> - <name>ac-std</name> - <value>ac-std</value> - </option> - <option> - <name>ac</name> - <value>ac</value> - </option> - <option> - <name>ac-banded</name> - <value>ac-banded</value> - </option> - <option> - <name>ac-sparsebands</name> - <value>ac-sparsebands</value> - </option> - <option> - <name>acs</name> - <value>acs</value> - </option> - </options> - </field> - <field> - <fielddescr>Oinkmaster code</fielddescr> - <fieldname>oinkmastercode</fieldname> - <description>Obtain a snort.org Oinkmaster code and paste here.</description> - <type>input</type> - <size>60</size> - <value></value> - </field> - <field> - <fielddescr>Snort.org subscriber</fielddescr> - <fieldname>subscriber</fieldname> - <description>Check this box if you are a Snort.org subscriber (premium rules).</description> - <type>checkbox</type> - <size>60</size> - </field> - <field> - <fielddescr>Block offenders</fielddescr> - <fieldname>blockoffenders7</fieldname> - <description>Checking this option will automatically block hosts that generate a snort alert.</description> - <type>checkbox</type> - <size>60</size> - </field> - <field> - <fielddescr>Remove blocked hosts every</fielddescr> - <fieldname>rm_blocked</fieldname> - <description>Please select the amount of time hosts are blocked</description> - <type>select</type> - <options> - <option> - <name>never</name> - <value>never_b</value> - </option> - <option> - <name>1 hour</name> - <value>1h_b</value> - </option> - <option> - <name>3 hours</name> - <value>3h_b</value> - </option> - <option> - <name>6 hours</name> - <value>6h_b</value> - </option> - <option> - <name>12 hours</name> - <value>12h_b</value> - </option> - <option> - <name>1 day</name> - <value>1d_b</value> - </option> - <option> - <name>4 days</name> - <value>4d_b</value> - </option> - <option> - <name>7 days</name> - <value>7d_b</value> - </option> - <option> - <name>28 days</name> - <value>28d_b</value> - </option> - </options> - </field> - <field> - </field> - <field> - <fielddescr>Update rules automatically</fielddescr> - <fieldname>autorulesupdate7</fieldname> - <description>Please select the update times for rules.</description> - <type>select</type> - <options> - <option> - <name>never</name> - <value>never_up</value> - </option> - <option> - <name>6 hours</name> - <value>6h_up</value> - </option> - <option> - <name>12 hours</name> - <value>12h_up</value> - </option> - <option> - <name>1 day</name> - <value>1d_up</value> - </option> - <option> - <name>4 days</name> - <value>4d_up</value> - </option> - <option> - <name>7 days</name> - <value>7d_up</value> - </option> - <option> - <name>28 days</name> - <value>28d_up</value> - </option> - </options> - </field> - <field> - <fielddescr>Whitelist VPNs automatically</fielddescr> - <fieldname>whitelistvpns</fieldname> - <description>Checking this option will install whitelists for all VPNs.</description> - <type>checkbox</type> - </field> - <field> - <fielddescr>Convert Snort alerts urls to clickable links</fielddescr> - <fieldname>clickablalerteurls</fieldname> - <description>Checking this option will automatically convert URLs in the Snort alerts tab to clickable links.</description> - <type>checkbox</type> - </field> - <field> - <fielddescr>Associate events on Blocked tab</fielddescr> - <fieldname>associatealertip</fieldname> - <description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description> - <type>checkbox</type> - </field> - <field> - <fielddescr>Install emergingthreats rules.</fielddescr> - <fieldname>emergingthreats</fieldname> - <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description> - <type>checkbox</type> - </field> - </fields> - <custom_php_resync_config_command> - sync_package_snort(); - </custom_php_resync_config_command> + </fields> <custom_add_php_command> </custom_add_php_command> - <custom_php_install_command> - sync_package_snort_reinstall(); - </custom_php_install_command> + <custom_php_resync_config_command> + sync_snort_package(); + </custom_php_resync_config_command> + <custom_php_install_command> + snort_postinstall(); + </custom_php_install_command> <custom_php_deinstall_command> snort_deinstall(); </custom_php_deinstall_command> -</packagegui>
\ No newline at end of file +</packagegui> |