diff options
Diffstat (limited to 'config/snort')
-rwxr-xr-x | config/snort/snort.inc | 7 | ||||
-rwxr-xr-x | config/snort/snort_check_for_rule_updates.php | 11 | ||||
-rwxr-xr-x | config/snort/snort_download_updates.php | 7 |
3 files changed, 19 insertions, 6 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index c71c0d0c..79fef4fa 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -5,6 +5,7 @@ * Copyright (C) 2006 Scott Ullrich * Copyright (C) 2009-2010 Robert Zelaya * Copyright (C) 2011-2012 Ermal Luci + * Copyright (C) 2013 Bill Meeks * part of pfSense * All rights reserved. * @@ -45,13 +46,15 @@ ini_set("memory_limit", "192M"); // Explicitly declare this as global so it works through function call includes global $rebuild_rules, $pfSense_snort_version; -// Grab the Snort binary version programmatically +// Grab the Snort binary version programmatically, but if that fails use a safe default $snortver = array(); exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver); $snort_version = $snortver[0]; +if (empty($snort_version)) + $snort_version = "2.9.5.5"; /* package version */ -$pfSense_snort_version = "3.0.0"; +$pfSense_snort_version = "3.0.1"; $snort_package_version = "Snort {$snort_version} pkg v{$pfSense_snort_version}"; // Define SNORTDIR and SNORTLIBDIR constants according to pfSense version diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index 28539f1f..a93aef56 100755 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -5,6 +5,7 @@ * Copyright (C) 2006 Scott Ullrich * Copyright (C) 2009 Robert Zelaya * Copyright (C) 2011-2012 Ermal Luci + * Copyright (C) 2013 Bill Meeks * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -88,10 +89,15 @@ $et_enabled = $config['installedpackages']['snortglobal']['emergingthreats']; $tmpfname = "{$snortdir}/tmp/snort_rules_up"; /* Grab the Snort binary version programmatically and use it to construct */ -/* the proper Snort VRT rules tarball and md5 filenames. */ +/* the proper Snort VRT rules tarball and md5 filenames. Fallback to a */ +/* default in the event we fail. */ +$snortver = array(); exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver); // Save the version with decimal delimiters for use in extracting the rules $snort_version = $snortver[0]; +if (empty($snort_version)) + $snort_version = "2.9.5.5"; + // Create a collapsed version string for use in the tarball filename $snortver[0] = str_replace(".", "", $snortver[0]); $snort_filename = "snortrules-snapshot-{$snortver[0]}.tar.gz"; @@ -695,8 +701,7 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules = } /* Start the rules rebuild proccess for each configured interface */ - if (is_array($config['installedpackages']['snortglobal']['rule']) && - !empty($config['installedpackages']['snortglobal']['rule'])) { + if (is_array($config['installedpackages']['snortglobal']['rule'])) { /* Set the flag to force rule rebuilds since we downloaded new rules, */ /* except when in post-install mode. Post-install does its own rebuild. */ diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php index 1db5b6a0..5c9b8210 100755 --- a/config/snort/snort_download_updates.php +++ b/config/snort/snort_download_updates.php @@ -43,9 +43,14 @@ $log = $snort_rules_upd_log; /* Grab the Snort binary version programmatically and */ /* use it to construct the proper Snort VRT rules */ -/* tarball filename. */ +/* tarball filename. Fallback to a safe default if */ +/* we fail. */ +$snortver = array(); exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver); +if (empty($snortver[0])) + $snortver[0] = "2.9.5.5"; $snortver[0] = str_replace(".", "", $snortver[0]); + $snort_rules_file = "snortrules-snapshot-{$snortver[0]}.tar.gz"; //$snort_rules_file = VRT_DNLD_FILENAME; $snort_community_rules_filename = GPLV2_DNLD_FILENAME; |