aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc7
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php11
-rwxr-xr-xconfig/snort/snort_download_updates.php7
3 files changed, 19 insertions, 6 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index c71c0d0c..79fef4fa 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -5,6 +5,7 @@
* Copyright (C) 2006 Scott Ullrich
* Copyright (C) 2009-2010 Robert Zelaya
* Copyright (C) 2011-2012 Ermal Luci
+ * Copyright (C) 2013 Bill Meeks
* part of pfSense
* All rights reserved.
*
@@ -45,13 +46,15 @@ ini_set("memory_limit", "192M");
// Explicitly declare this as global so it works through function call includes
global $rebuild_rules, $pfSense_snort_version;
-// Grab the Snort binary version programmatically
+// Grab the Snort binary version programmatically, but if that fails use a safe default
$snortver = array();
exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
$snort_version = $snortver[0];
+if (empty($snort_version))
+ $snort_version = "2.9.5.5";
/* package version */
-$pfSense_snort_version = "3.0.0";
+$pfSense_snort_version = "3.0.1";
$snort_package_version = "Snort {$snort_version} pkg v{$pfSense_snort_version}";
// Define SNORTDIR and SNORTLIBDIR constants according to pfSense version
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 28539f1f..a93aef56 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -5,6 +5,7 @@
* Copyright (C) 2006 Scott Ullrich
* Copyright (C) 2009 Robert Zelaya
* Copyright (C) 2011-2012 Ermal Luci
+ * Copyright (C) 2013 Bill Meeks
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -88,10 +89,15 @@ $et_enabled = $config['installedpackages']['snortglobal']['emergingthreats'];
$tmpfname = "{$snortdir}/tmp/snort_rules_up";
/* Grab the Snort binary version programmatically and use it to construct */
-/* the proper Snort VRT rules tarball and md5 filenames. */
+/* the proper Snort VRT rules tarball and md5 filenames. Fallback to a */
+/* default in the event we fail. */
+$snortver = array();
exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
// Save the version with decimal delimiters for use in extracting the rules
$snort_version = $snortver[0];
+if (empty($snort_version))
+ $snort_version = "2.9.5.5";
+
// Create a collapsed version string for use in the tarball filename
$snortver[0] = str_replace(".", "", $snortver[0]);
$snort_filename = "snortrules-snapshot-{$snortver[0]}.tar.gz";
@@ -695,8 +701,7 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules =
}
/* Start the rules rebuild proccess for each configured interface */
- if (is_array($config['installedpackages']['snortglobal']['rule']) &&
- !empty($config['installedpackages']['snortglobal']['rule'])) {
+ if (is_array($config['installedpackages']['snortglobal']['rule'])) {
/* Set the flag to force rule rebuilds since we downloaded new rules, */
/* except when in post-install mode. Post-install does its own rebuild. */
diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php
index 1db5b6a0..5c9b8210 100755
--- a/config/snort/snort_download_updates.php
+++ b/config/snort/snort_download_updates.php
@@ -43,9 +43,14 @@ $log = $snort_rules_upd_log;
/* Grab the Snort binary version programmatically and */
/* use it to construct the proper Snort VRT rules */
-/* tarball filename. */
+/* tarball filename. Fallback to a safe default if */
+/* we fail. */
+$snortver = array();
exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
+if (empty($snortver[0]))
+ $snortver[0] = "2.9.5.5";
$snortver[0] = str_replace(".", "", $snortver[0]);
+
$snort_rules_file = "snortrules-snapshot-{$snortver[0]}.tar.gz";
//$snort_rules_file = VRT_DNLD_FILENAME;
$snort_community_rules_filename = GPLV2_DNLD_FILENAME;