aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort/snort_check_for_rule_updates.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort/snort_check_for_rule_updates.php')
-rw-r--r--config/snort/snort_check_for_rule_updates.php652
1 files changed, 326 insertions, 326 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 31cdc42d..51d403d9 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -1,32 +1,32 @@
<?php
/* $Id$ */
/*
- snort_rulesets.php
- Copyright (C) 2006 Scott Ullrich
- Copyright (C) 2009 Robert Zelaya
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
+ snort_rulesets.php
+ Copyright (C) 2006 Scott Ullrich
+ Copyright (C) 2009 Robert Zelaya
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
/* Setup enviroment */
@@ -44,7 +44,7 @@ function read_header2($ch, $string) {
$regs = "";
ereg("(Content-Length:) (.*)", $string, $regs);
if($regs[2] <> "") {
- $file_size = intval($regs[2]);
+ $file_size = intval($regs[2]);
}
ob_flush();
return $length;
@@ -68,7 +68,7 @@ function read_body2($ch, $string) {
$lastseen = $downloadProgress;
}
if($fout)
- fwrite($fout, $string);
+ fwrite($fout, $string);
ob_flush();
return $length;
}
@@ -76,57 +76,57 @@ function read_body2($ch, $string) {
////////////////////////////////>>>>>>>>>>
function read_body_firmware($ch, $string) {
- global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version;
- $length = strlen($string);
- $downloaded += intval($length);
- $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
- $downloadProgress = 100 - $downloadProgress;
- $a = $file_size;
- $b = $downloaded;
- $c = $downloadProgress;
- $text = " Snort download in progress\\n";
- $text .= "----------------------------------------------------\\n";
- $text .= " Downloaded : {$b}\\n";
- $text .= "----------------------------------------------------\\n";
- $counter++;
- if($counter > 150) {
- update_output_window($text);
- update_progress_bar($downloadProgress);
- flush();
- $counter = 0;
- }
- fwrite($fout, $string);
- return $length;
+ global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version;
+ $length = strlen($string);
+ $downloaded += intval($length);
+ $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
+ $downloadProgress = 100 - $downloadProgress;
+ $a = $file_size;
+ $b = $downloaded;
+ $c = $downloadProgress;
+ $text = " Snort download in progress\\n";
+ $text .= "----------------------------------------------------\\n";
+ $text .= " Downloaded : {$b}\\n";
+ $text .= "----------------------------------------------------\\n";
+ $counter++;
+ if($counter > 150) {
+ update_output_window($text);
+ update_progress_bar($downloadProgress);
+ flush();
+ $counter = 0;
+ }
+ fwrite($fout, $string);
+ return $length;
}
function download_file_with_progress_bar2($url_file, $destination_file, $readbody = 'read_body') {
- global $ch, $fout, $file_size, $downloaded;
- $file_size = 1;
- $downloaded = 1;
- /* open destination file */
- $fout = fopen($destination_file, "wb");
-
- /*
- * Originally by Author: Keyvan Minoukadeh
- * Modified by Scott Ullrich to return Content-Length size
- */
-
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url_file);
- curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
- curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
- curl_setopt($ch, CURLOPT_TIMEOUT, 0);
-
- curl_exec($ch);
- $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
- if($fout)
- fclose($fout);
- curl_close($ch);
- return ($http_code == 200) ? true : $http_code;
+ global $ch, $fout, $file_size, $downloaded;
+ $file_size = 1;
+ $downloaded = 1;
+ /* open destination file */
+ $fout = fopen($destination_file, "wb");
+
+ /*
+ * Originally by Author: Keyvan Minoukadeh
+ * Modified by Scott Ullrich to return Content-Length size
+ */
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $url_file);
+ curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
+ curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
+ curl_setopt($ch, CURLOPT_TIMEOUT, 0);
+
+ curl_exec($ch);
+ $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+ if($fout)
+ fclose($fout);
+ curl_close($ch);
+ return ($http_code == 200) ? true : $http_code;
}
//////////////////////////////
@@ -148,16 +148,16 @@ $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'
if ($oinkid == '' && $snortdownload == 'on')
{
- echo "You must obtain an oinkid from snort.org and set its value in the Snort settings tab.\n";
- exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'You must obtain an oinkid from snort.org and set its value in the Snort settings tab.'");
- exit;
+ echo "You must obtain an oinkid from snort.org and set its value in the Snort settings tab.\n";
+ exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'You must obtain an oinkid from snort.org and set its value in the Snort settings tab.'");
+ exit;
}
if ($snortdownload != "on" && $emergingthreats != "on")
{
- echo 'Snort Global Settings: download snort.org rules = off and download emergingthreat rules = off.\n';
- exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'No rules have been selected to download.'");
- exit;
+ echo 'Snort Global Settings: download snort.org rules = off and download emergingthreat rules = off.\n';
+ exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'No rules have been selected to download.'");
+ exit;
}
/* Time stamps define */
@@ -197,8 +197,8 @@ conf_mount_rw();
/* remove old $tmpfname files */
if (file_exists("{$tmpfname}")) {
- echo 'Removing old tmp files...' . "\n";
- exec("/bin/rm -r {$tmpfname}");
+ echo 'Removing old tmp files...' . "\n";
+ exec("/bin/rm -r {$tmpfname}");
apc_clear_cache();
}
@@ -216,14 +216,14 @@ conf_mount_rw();
if (file_exists($tmpfname)) {
echo 'The directory tmp exists...' . "\n";
} else {
- mkdir("{$tmpfname}", 700);
+ mkdir("{$tmpfname}", 700);
}
/* download md5 sig from snort.org */
if ($snortdownload == 'on')
{
if (file_exists("{$tmpfname}/{$snort_filename_md5}") &&
- filesize("{$tmpfname}/{$snort_filename_md5}") > 0) {
+ filesize("{$tmpfname}/{$snort_filename_md5}") > 0) {
echo 'snort.org md5 temp file exists...' . "\n";
} else {
echo 'Downloading snort.org md5 file...' . "\n";
@@ -239,14 +239,14 @@ if ($snortdownload == 'on')
/* download md5 sig from emergingthreats.net */
if ($emergingthreats == "on")
{
- echo 'Downloading emergingthreats md5 file...' . "\n";
- ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
- $image = @file_get_contents("http://www.emergingthreats.net/version.txt");
-// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/version.txt");
- $f = fopen("{$tmpfname}/version.txt", 'w');
- fwrite($f, $image);
- fclose($f);
- echo 'Done downloading emergingthreats md5' . "\n";
+ echo 'Downloading emergingthreats md5 file...' . "\n";
+ ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
+ $image = @file_get_contents("http://www.emergingthreats.net/version.txt");
+ // $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/version.txt");
+ $f = fopen("{$tmpfname}/version.txt", 'w');
+ fwrite($f, $image);
+ fclose($f);
+ echo 'Done downloading emergingthreats md5' . "\n";
}
/* download md5 sig from pfsense.org */
@@ -254,12 +254,12 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename_md5}")) {
echo 'Pfsense md5 temp file exists...' . "\n";
} else {
echo 'Downloading pfsense md5 file...' . "\n";
- ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
- $image = @file_get_contents("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz.md5");
-// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/pfsense_rules.tar.gz.md5");
- $f = fopen("{$tmpfname}/pfsense_rules.tar.gz.md5", 'w');
- fwrite($f, $image);
- fclose($f);
+ ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
+ $image = @file_get_contents("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz.md5");
+ // $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/pfsense_rules.tar.gz.md5");
+ $f = fopen("{$tmpfname}/pfsense_rules.tar.gz.md5", 'w');
+ fwrite($f, $image);
+ fclose($f);
echo 'Done downloading pfsense md5.' . "\n";
}
@@ -282,7 +282,7 @@ if (0 == filesize("{$tmpfname}/$pfsense_rules_filename_md5")){
echo 'Please wait... You may only check for New Pfsense Rules every 15 minutes...' . "\n";
echo 'Rules are released to support Pfsense packages.' . "\n";
conf_mount_ro();
- exit(0);
+ exit(0);
}
/* Check if were up to date snort.org */
@@ -300,7 +300,7 @@ if ($snortdownload == 'on')
if ($md5_check_new == $md5_check_old)
{
echo 'Your rules are up to date...' . "\n";
- echo 'You may start Snort now, check update.' . "\n";
+ echo 'You may start Snort now, check update.' . "\n";
$snort_md5_check_ok = on;
}
}
@@ -319,7 +319,7 @@ if ($emergingthreats == "on")
// Will cause switch back to read-only on nanobsd
write_config();
conf_mount_rw();
- if ($emerg_md5_check_new == $emerg_md5_check_old)
+ if ($emerg_md5_check_new == $emerg_md5_check_old)
{
$emerg_md5_check_ok = on;
}
@@ -327,21 +327,21 @@ if ($emergingthreats == "on")
}
/* Check if were up to date pfsense.org */
- if (file_exists("{$snortdir}/pfsense_rules.tar.gz.md5"))
+if (file_exists("{$snortdir}/pfsense_rules.tar.gz.md5"))
+{
+ $pfsense_check_new_parse = file_get_contents("{$tmpfname}/pfsense_rules.tar.gz.md5");
+ $pfsense_md5_check_new = `/bin/echo "{$pfsense_md5_check_new_parse}" | /usr/bin/awk '{ print $1 }'`;
+ $pfsense_md5_check_old_parse = file_get_contents("{$snortdir}/pfsense_rules.tar.gz.md5");
+ $pfsense_md5_check_old = `/bin/echo "{$pfsense_md5_check_old_parse}" | /usr/bin/awk '{ print $1 }'`;
+ /* Write out time of last sucsessful md5 to cache */
+ // Will cause switch back to read-only on nanobsd
+ write_config();
+ conf_mount_rw();
+ if ($pfsense_md5_check_new == $pfsense_md5_check_old)
{
- $pfsense_check_new_parse = file_get_contents("{$tmpfname}/pfsense_rules.tar.gz.md5");
- $pfsense_md5_check_new = `/bin/echo "{$pfsense_md5_check_new_parse}" | /usr/bin/awk '{ print $1 }'`;
- $pfsense_md5_check_old_parse = file_get_contents("{$snortdir}/pfsense_rules.tar.gz.md5");
- $pfsense_md5_check_old = `/bin/echo "{$pfsense_md5_check_old_parse}" | /usr/bin/awk '{ print $1 }'`;
- /* Write out time of last sucsessful md5 to cache */
- // Will cause switch back to read-only on nanobsd
- write_config();
- conf_mount_rw();
- if ($pfsense_md5_check_new == $pfsense_md5_check_old)
- {
- $pfsense_md5_check_ok = on;
- }
+ $pfsense_md5_check_ok = on;
}
+}
/* Check if were up to date is so, exit */
/* WARNING This code needs constant checks */
@@ -349,10 +349,10 @@ if ($snortdownload == 'on' && $emergingthreats == 'on')
{
if ($snort_md5_check_ok == 'on' && $emerg_md5_check_ok == 'on')
{
- echo 'All your rules are up to date...' . "\n";
- echo 'You may start Snort now...' . "\n";
- conf_mount_ro();
- exit(0);
+ echo 'All your rules are up to date...' . "\n";
+ echo 'You may start Snort now...' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
@@ -360,10 +360,10 @@ if ($snortdownload == 'on' && $emergingthreats == 'off')
{
if ($snort_md5_check_ok == 'on')
{
- echo 'Your snort.org rules are up to date...' . "\n";
- echo 'You may start Snort now...' . "\n";
- conf_mount_ro();
- exit(0);
+ echo 'Your snort.org rules are up to date...' . "\n";
+ echo 'You may start Snort now...' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
@@ -371,13 +371,13 @@ if ($snortdownload == 'off' && $emergingthreats == 'on')
{
if ($emerg_md5_check_ok == 'on')
{
- echo 'Your Emergingthreats rules are up to date...' . "\n";
- echo 'You may start Snort now...' . "\n";
- conf_mount_ro();
- exit(0);
+ echo 'Your Emergingthreats rules are up to date...' . "\n";
+ echo 'You may start Snort now...' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
-
+
/* You are Not Up to date, always stop snort when updating rules for low end machines */;
echo 'You are NOT up to date...' . "\n";
echo 'Stopping Snort service...' . "\n";
@@ -392,51 +392,51 @@ if ($chk_if_snort_up != "") {
if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
- if (file_exists("{$tmpfname}/{$snort_filename}")) {
- echo 'Snortrule tar file exists...' . "\n";
- } else {
- echo 'There is a new set of Snort.org rules posted. Downloading...' . "\n";
- echo 'May take 4 to 10 min...' . "\n";
- conf_mount_rw();
- download_file_with_progress_bar2("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
- echo 'Done downloading rules file.' . "\n";
- if (150000 > filesize("{$tmpfname}/$snort_filename")){
- echo 'Error with the snort rules download...' . "\n";
- echo 'Snort rules file downloaded failed...' . "\n";
- conf_mount_ro();
- exit(0);
- }
+ if (file_exists("{$tmpfname}/{$snort_filename}")) {
+ echo 'Snortrule tar file exists...' . "\n";
+ } else {
+ echo 'There is a new set of Snort.org rules posted. Downloading...' . "\n";
+ echo 'May take 4 to 10 min...' . "\n";
+ conf_mount_rw();
+ download_file_with_progress_bar2("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
+ echo 'Done downloading rules file.' . "\n";
+ if (150000 > filesize("{$tmpfname}/$snort_filename")){
+ echo 'Error with the snort rules download...' . "\n";
+ echo 'Snort rules file downloaded failed...' . "\n";
+ conf_mount_ro();
+ exit(0);
+ }
}
}
}
-
+
/* download emergingthreats rules file */
-if ($emergingthreats == "on")
+if ($emergingthreats == "on")
{
if ($emerg_md5_check_ok != on)
{
- if (file_exists("{$tmpfname}/{$emergingthreats_filename}"))
- {
- echo 'Emergingthreats tar file exists...' . "\n";
- }else{
- echo 'There is a new set of Emergingthreats rules posted. Downloading...' . "\n";
- echo 'May take 4 to 10 min...' . "\n";
- download_file_with_progress_bar2("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
- echo 'Done downloading Emergingthreats rules file.' . "\n";
+ if (file_exists("{$tmpfname}/{$emergingthreats_filename}"))
+ {
+ echo 'Emergingthreats tar file exists...' . "\n";
+ }else{
+ echo 'There is a new set of Emergingthreats rules posted. Downloading...' . "\n";
+ echo 'May take 4 to 10 min...' . "\n";
+ download_file_with_progress_bar2("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
+ echo 'Done downloading Emergingthreats rules file.' . "\n";
}
}
}
/* download pfsense rules file */
if ($pfsense_md5_check_ok != on) {
-if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
- echo 'Snortrule tar file exists...' . "\n";
-} else {
- echo 'There is a new set of Pfsense rules posted. Downloading...' . "\n";
- echo 'May take 4 to 10 min...' . "\n";
- download_file_with_progress_bar2("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware");
- echo 'Done downloading rules file.' . "\n";
- }
+ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
+ echo 'Snortrule tar file exists...' . "\n";
+ } else {
+ echo 'There is a new set of Pfsense rules posted. Downloading...' . "\n";
+ echo 'May take 4 to 10 min...' . "\n";
+ download_file_with_progress_bar2("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware");
+ echo 'Done downloading rules file.' . "\n";
+ }
}
/* Compair md5 sig to file sig */
@@ -471,30 +471,30 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
- if (file_exists("{$tmpfname}/{$snort_filename}")) {
-
- if ($pfsense_stable == 'yes')
- {
- $freebsd_version_so = 'FreeBSD-7-2';
- }else{
- $freebsd_version_so = 'FreeBSD-8-0';
- }
-
- echo 'Extracting Snort.org rules...' . "\n";
- echo 'May take a while...' . "\n";
- /* extract snort.org rules and add prefix to all snort.org files*/
- exec("/bin/rm -r {$snortdir}/rules");
- sleep(2);
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} rules/");
- chdir ("/usr/local/etc/snort/rules");
- sleep(2);
- exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
- /* extract so rules */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/");
- exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
- exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/* /usr/local/lib/snort/dynamicrules/");
- /* extract so rules none bin and rename */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
+ if (file_exists("{$tmpfname}/{$snort_filename}")) {
+
+ if ($pfsense_stable == 'yes')
+ {
+ $freebsd_version_so = 'FreeBSD-7-2';
+ }else{
+ $freebsd_version_so = 'FreeBSD-8-0';
+ }
+
+ echo 'Extracting Snort.org rules...' . "\n";
+ echo 'May take a while...' . "\n";
+ /* extract snort.org rules and add prefix to all snort.org files*/
+ exec("/bin/rm -r {$snortdir}/rules");
+ sleep(2);
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} rules/");
+ chdir ("/usr/local/etc/snort/rules");
+ sleep(2);
+ exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
+ /* extract so rules */
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/");
+ exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
+ exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/* /usr/local/lib/snort/dynamicrules/");
+ /* extract so rules none bin and rename */
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
" so_rules/chat.rules/" .
" so_rules/dos.rules/" .
" so_rules/exploit.rules/" .
@@ -511,37 +511,37 @@ if ($snortdownload == 'on')
" so_rules/web-client.rules/" .
" so_rules/web-iis.rules/" .
" so_rules/web-misc.rules/");
-
- exec("/bin/mv -f {$snortdir}/so_rules/bad-traffic.rules {$snortdir}/rules/snort_bad-traffic.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/chat.rules {$snortdir}/rules/snort_chat.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/dos.rules {$snortdir}/rules/snort_dos.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/exploit.rules {$snortdir}/rules/snort_exploit.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/icmp.rules {$snortdir}/rules/snort_icmp.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/imap.rules {$snortdir}/rules/snort_imap.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/misc.rules {$snortdir}/rules/snort_misc.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/multimedia.rules {$snortdir}/rules/snort_multimedia.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/netbios.rules {$snortdir}/rules/snort_netbios.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/nntp.rules {$snortdir}/rules/snort_nntp.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/p2p.rules {$snortdir}/rules/snort_p2p.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/smtp.rules {$snortdir}/rules/snort_smtp.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/sql.rules {$snortdir}/rules/snort_sql.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/web-activex.rules {$snortdir}/rules/snort_web-activex.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/web-client.rules {$snortdir}/rules/snort_web-client.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/web-iis.rules {$snortdir}/rules/snort_web-iis.so.rules");
- exec("/bin/mv -f {$snortdir}/so_rules/web-misc.rules {$snortdir}/rules/snort_web-misc.so.rules");
- exec("/bin/rm -r {$snortdir}/so_rules");
-
- /* extract base etc files */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} etc/");
- exec("/bin/mv -f {$snortdir}/etc/* {$snortdir}");
- exec("/bin/rm -r {$snortdir}/etc");
-
- echo 'Done extracting Snort.org Rules.' . "\n";
- }else{
- echo 'Error extracting Snort.org Rules...' . "\n";
- echo 'Error Line 755' . "\n";
- conf_mount_ro();
- exit(0);
+
+ exec("/bin/mv -f {$snortdir}/so_rules/bad-traffic.rules {$snortdir}/rules/snort_bad-traffic.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/chat.rules {$snortdir}/rules/snort_chat.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/dos.rules {$snortdir}/rules/snort_dos.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/exploit.rules {$snortdir}/rules/snort_exploit.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/icmp.rules {$snortdir}/rules/snort_icmp.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/imap.rules {$snortdir}/rules/snort_imap.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/misc.rules {$snortdir}/rules/snort_misc.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/multimedia.rules {$snortdir}/rules/snort_multimedia.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/netbios.rules {$snortdir}/rules/snort_netbios.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/nntp.rules {$snortdir}/rules/snort_nntp.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/p2p.rules {$snortdir}/rules/snort_p2p.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/smtp.rules {$snortdir}/rules/snort_smtp.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/sql.rules {$snortdir}/rules/snort_sql.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/web-activex.rules {$snortdir}/rules/snort_web-activex.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/web-client.rules {$snortdir}/rules/snort_web-client.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/web-iis.rules {$snortdir}/rules/snort_web-iis.so.rules");
+ exec("/bin/mv -f {$snortdir}/so_rules/web-misc.rules {$snortdir}/rules/snort_web-misc.so.rules");
+ exec("/bin/rm -r {$snortdir}/so_rules");
+
+ /* extract base etc files */
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} etc/");
+ exec("/bin/mv -f {$snortdir}/etc/* {$snortdir}");
+ exec("/bin/rm -r {$snortdir}/etc");
+
+ echo 'Done extracting Snort.org Rules.' . "\n";
+ }else{
+ echo 'Error extracting Snort.org Rules...' . "\n";
+ echo 'Error Line 755' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
}
@@ -562,46 +562,46 @@ if ($emergingthreats == "on")
/* Untar Pfsense rules to tmp */
if ($pfsense_md5_check_ok != on) {
-if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
- echo 'Extracting Pfsense rules...' . "\n";
- echo 'May take a while...' . "\n";
- exec("/usr/bin/tar xzf {$tmpfname}/{$pfsense_rules_filename} -C {$snortdir} rules/");
- }
+ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) {
+ echo 'Extracting Pfsense rules...' . "\n";
+ echo 'May take a while...' . "\n";
+ exec("/usr/bin/tar xzf {$tmpfname}/{$pfsense_rules_filename} -C {$snortdir} rules/");
+ }
}
/* Untar snort signatures */
if ($snort_md5_check_ok != on) {
-if (file_exists("{$tmpfname}/{$snort_filename}")) {
-$signature_info_chk = $config['installedpackages']['snortglobal']['signatureinfo'];
-if ($premium_url_chk == on) {
- echo 'Extracting Signatures...' . "\n";
- echo 'May take a while...' . "\n";
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} doc/signatures/");
- echo 'Done extracting Signatures.' . "\n";
- }
- }
+ if (file_exists("{$tmpfname}/{$snort_filename}")) {
+ $signature_info_chk = $config['installedpackages']['snortglobal']['signatureinfo'];
+ if ($premium_url_chk == on) {
+ echo 'Extracting Signatures...' . "\n";
+ echo 'May take a while...' . "\n";
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} doc/signatures/");
+ echo 'Done extracting Signatures.' . "\n";
+ }
+ }
}
/* Copy md5 sig to snort dir */
if ($snortdownload == 'on')
{
if ($snort_md5_check_ok != on) {
- if (file_exists("{$tmpfname}/$snort_filename_md5")) {
- echo 'Copying md5 sig to snort directory...' . "\n";
- exec("/bin/cp {$tmpfname}/$snort_filename_md5 {$snortdir}/$snort_filename_md5");
- }else{
- echo 'The md5 file does not exist...' . "\n";
- echo 'Error copying config...' . "\n";
- conf_mount_ro();
- exit(0);
+ if (file_exists("{$tmpfname}/$snort_filename_md5")) {
+ echo 'Copying md5 sig to snort directory...' . "\n";
+ exec("/bin/cp {$tmpfname}/$snort_filename_md5 {$snortdir}/$snort_filename_md5");
+ }else{
+ echo 'The md5 file does not exist...' . "\n";
+ echo 'Error copying config...' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
-}
-
+}
+
/* Copy emergingthreats md5 sig to snort dir */
if ($emergingthreats == "on")
{
- if ($emerg_md5_check_ok != on)
+ if ($emerg_md5_check_ok != on)
{
if (file_exists("{$tmpfname}/$emergingthreats_filename_md5"))
{
@@ -612,24 +612,24 @@ if ($emergingthreats == "on")
echo 'Error copying config...' . "\n";
conf_mount_ro();
exit(0);
- }
+ }
}
}
/* Copy Pfsense md5 sig to snort dir */
if ($pfsense_md5_check_ok != on) {
-if (file_exists("{$tmpfname}/$pfsense_rules_filename_md5")) {
- echo 'Copying Pfsense md5 sig to snort directory...' . "\n";
- exec("/bin/cp {$tmpfname}/$pfsense_rules_filename_md5 {$snortdir}/$pfsense_rules_filename_md5");
-} else {
- update_status(gettext(""));
- echo 'The Pfsense md5 file does not exist...' . "\n";
- echo 'Error copying config...' . "\n";
- conf_mount_ro();
- exit(0);
- }
+ if (file_exists("{$tmpfname}/$pfsense_rules_filename_md5")) {
+ echo 'Copying Pfsense md5 sig to snort directory...' . "\n";
+ exec("/bin/cp {$tmpfname}/$pfsense_rules_filename_md5 {$snortdir}/$pfsense_rules_filename_md5");
+ } else {
+ update_status(gettext(""));
+ echo 'The Pfsense md5 file does not exist...' . "\n";
+ echo 'Error copying config...' . "\n";
+ conf_mount_ro();
+ exit(0);
+ }
}
-
+
/* Copy signatures dir to snort dir */
if ($snortdownload == 'on')
{
@@ -639,16 +639,16 @@ if ($snortdownload == 'on')
if ($premium_url_chk == on)
{
if (file_exists("{$snortdir}/doc/signatures")) {
- echo 'Copying signatures...' . "\n";
- echo 'May take a while...' . "\n";
- exec("/bin/mv -f {$snortdir}/doc/signatures {$snortdir}/signatures");
- exec("/bin/rm -r {$snortdir}/doc/signatures");
- echo 'Done copying signatures.' . "\n";
- }else{
- echo 'Directory signatures exist...' . "\n";
- echo 'Error copying signature...' . "\n";
- conf_mount_ro();
- exit(0);
+ echo 'Copying signatures...' . "\n";
+ echo 'May take a while...' . "\n";
+ exec("/bin/mv -f {$snortdir}/doc/signatures {$snortdir}/signatures");
+ exec("/bin/rm -r {$snortdir}/doc/signatures");
+ echo 'Done copying signatures.' . "\n";
+ }else{
+ echo 'Directory signatures exist...' . "\n";
+ echo 'Error copying signature...' . "\n";
+ conf_mount_ro();
+ exit(0);
}
}
}
@@ -687,28 +687,28 @@ exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort/r
function oinkmaster_conf($id, $if_real, $iface_uuid)
{
- global $config, $g, $id, $if_real, $snortdir_wan, $snortdir, $snort_md5_check_ok, $emerg_md5_check_ok, $pfsense_md5_check_ok;
- conf_mount_rw();
-
-/* enable disable setting will carry over with updates */
-/* TODO carry signature changes with the updates */
-if ($snort_md5_check_ok != on || $emerg_md5_check_ok != on || $pfsense_md5_check_ok != on) {
-
-if (!empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'])) {
-$enabled_sid_on = $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'];
-$enabled_sid_on_array = split('\|\|', $enabled_sid_on);
-foreach($enabled_sid_on_array as $enabled_item_on)
-$selected_sid_on_sections .= "$enabled_item_on\n";
- }
+ global $config, $g, $id, $if_real, $snortdir_wan, $snortdir, $snort_md5_check_ok, $emerg_md5_check_ok, $pfsense_md5_check_ok;
+ conf_mount_rw();
-if (!empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'])) {
-$enabled_sid_off = $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'];
-$enabled_sid_off_array = split('\|\|', $enabled_sid_off);
-foreach($enabled_sid_off_array as $enabled_item_off)
-$selected_sid_off_sections .= "$enabled_item_off\n";
- }
+ /* enable disable setting will carry over with updates */
+ /* TODO carry signature changes with the updates */
+ if ($snort_md5_check_ok != on || $emerg_md5_check_ok != on || $pfsense_md5_check_ok != on) {
+
+ if (!empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'])) {
+ $enabled_sid_on = $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'];
+ $enabled_sid_on_array = split('\|\|', $enabled_sid_on);
+ foreach($enabled_sid_on_array as $enabled_item_on)
+ $selected_sid_on_sections .= "$enabled_item_on\n";
+ }
+
+ if (!empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'])) {
+ $enabled_sid_off = $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'];
+ $enabled_sid_off_array = split('\|\|', $enabled_sid_off);
+ foreach($enabled_sid_off_array as $enabled_item_off)
+ $selected_sid_off_sections .= "$enabled_item_off\n";
+ }
-$snort_sid_text = <<<EOD
+ $snort_sid_text = <<<EOD
###########################################
# #
@@ -722,19 +722,19 @@ update_files = \.rules$|\.config$|\.conf$|\.txt$|\.map$
url = dir:///usr/local/etc/snort/rules
-$selected_sid_on_sections
+ $selected_sid_on_sections
-$selected_sid_off_sections
+ $selected_sid_off_sections
EOD;
- /* open snort's oinkmaster.conf for writing */
- $oinkmasterlist = fopen("/usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/oinkmaster_{$iface_uuid}_{$if_real}.conf", "w");
+ /* open snort's oinkmaster.conf for writing */
+ $oinkmasterlist = fopen("/usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/oinkmaster_{$iface_uuid}_{$if_real}.conf", "w");
- fwrite($oinkmasterlist, "$snort_sid_text");
+ fwrite($oinkmasterlist, "$snort_sid_text");
- /* close snort's oinkmaster.conf file */
- fclose($oinkmasterlist);
+ /* close snort's oinkmaster.conf file */
+ fclose($oinkmasterlist);
}
}
@@ -745,38 +745,38 @@ EOD;
function oinkmaster_run($id, $if_real, $iface_uuid)
{
- global $config, $g, $id, $if_real, $snortdir_wan, $snortdir, $snort_md5_check_ok, $emerg_md5_check_ok, $pfsense_md5_check_ok;
- conf_mount_rw();
+ global $config, $g, $id, $if_real, $snortdir_wan, $snortdir, $snort_md5_check_ok, $emerg_md5_check_ok, $pfsense_md5_check_ok;
+ conf_mount_rw();
if ($snort_md5_check_ok != on || $emerg_md5_check_ok != on || $pfsense_md5_check_ok != on)
{
if ($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'] == '' && $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'] == '')
{
- echo 'Your first set of rules are being copied...' . "\n";
- echo 'May take a while...' . "\n";
- exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}/rules/");
- exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/sid {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ echo 'Your first set of rules are being copied...' . "\n";
+ echo 'May take a while...' . "\n";
+ exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}/rules/");
+ exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/sid {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
}else{
- echo 'Your enable and disable changes are being applied to your fresh set of rules...' . "\n";
- echo 'May take a while...' . "\n";
- exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}/rules/");
- exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/sid {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
- exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
-
- /* might have to add a sleep for 3sec for flash drives or old drives */
- exec("/usr/local/bin/perl /usr/local/bin/oinkmaster.pl -C /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/oinkmaster_{$iface_uuid}_{$if_real}.conf -o /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/rules > /usr/local/etc/snort/oinkmaster_{$iface_uuid}_{$if_real}.log");
+ echo 'Your enable and disable changes are being applied to your fresh set of rules...' . "\n";
+ echo 'May take a while...' . "\n";
+ exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}/rules/");
+ exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/sid {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+ exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_{$iface_uuid}_{$if_real}");
+
+ /* might have to add a sleep for 3sec for flash drives or old drives */
+ exec("/usr/local/bin/perl /usr/local/bin/oinkmaster.pl -C /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/oinkmaster_{$iface_uuid}_{$if_real}.conf -o /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/rules > /usr/local/etc/snort/oinkmaster_{$iface_uuid}_{$if_real}.log");
}
}
}
@@ -791,17 +791,17 @@ if (!empty($config['installedpackages']['snortglobal']['rule']))
$id = -1;
foreach ($rule_array as $value) {
- $id += 1;
+ $id += 1;
+
+ $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface'];
+ $if_real = convert_friendly_interface_to_real_interface_name2($result_lan);
+ $iface_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid'];
- $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface'];
- $if_real = convert_friendly_interface_to_real_interface_name2($result_lan);
- $iface_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid'];
+ /* make oinkmaster.conf for each interface rule */
+ oinkmaster_conf($id, $if_real, $iface_uuid);
- /* make oinkmaster.conf for each interface rule */
- oinkmaster_conf($id, $if_real, $iface_uuid);
-
- /* run oinkmaster for each interface rule */
- oinkmaster_run($id, $if_real, $iface_uuid);
+ /* run oinkmaster for each interface rule */
+ oinkmaster_run($id, $if_real, $iface_uuid);
}
}
@@ -842,8 +842,8 @@ if (file_exists("/tmp/snort_download_halt.pid")) {
echo 'Snort has restarted with your new set of rules...' . "\n";
exec("/bin/rm /tmp/snort_download_halt.pid");
} else {
- echo 'The Rules update finished...' . "\n";
- echo 'You may start snort now...' . "\n\n";
+ echo 'The Rules update finished...' . "\n";
+ echo 'You may start snort now...' . "\n\n";
}
/* script finnished make system read only again */
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-22 19:28:30 +0000