aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php53
1 files changed, 24 insertions, 29 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 60747ea6..54ec2c11 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -212,26 +212,26 @@ $last_curl_error = "";
/* download md5 sig from snort.org */
if ($snortdownload == 'on') {
if ($pkg_interface <> "console")
- update_status(gettext("Downloading Snort VRT md5 file..."));
- error_log(gettext("\tDownloading Snort VRT md5 file...\n"), 3, $snort_rules_upd_log);
+ update_status(gettext("Downloading Snort VRT md5 file {$snort_filename_md5}..."));
+ error_log(gettext("\tDownloading Snort VRT md5 file '{$snort_filename_md5}'...\n"), 3, $snort_rules_upd_log);
$rc = snort_download_file_url("{$snort_rule_url}{$snort_filename_md5}/{$oinkid}/", "{$tmpfname}/{$snort_filename_md5}");
if ($rc === true) {
if ($pkg_interface <> "console")
- update_status(gettext("Done downloading snort.org md5."));
+ update_status(gettext("Done downloading {$snort_filename_md5}."));
error_log("\tChecking Snort VRT md5 file...\n", 3, $snort_rules_upd_log);
}
else {
error_log(gettext("\tSnort VRT md5 download failed.\n"), 3, $snort_rules_upd_log);
if ($rc == 403) {
$snort_err_msg = gettext("Too many attempts or Oinkcode not authorized for this Snort version.\n");
- $snort_err_msg .= gettext("\tFree Registered User accounts may download Snort VRT Rules once every 15 minutes.\n");
- $snort_err_msg .= gettext("\tPaid Subscriber accounts have no download limits.\n");
+ $snort_err_msg .= gettext("\tFree Registered Users may download VRT Rules once every 15 minutes.\n");
+ $snort_err_msg .= gettext("\tPaid Subscribers have no download limits.\n");
}
else
$snort_err_msg = gettext("Server returned error code '{$rc}'.");
if ($pkg_interface <> "console") {
update_status(gettext("Snort VRT md5 error ... Server returned error code {$rc} ..."));
- update_output_window(gettext("Snort VRT rules will not be updated.\n{$snort_err_msg}"));
+ update_output_window(gettext("Snort VRT rules will not be updated.\n\t{$snort_err_msg}"));
}
log_error(gettext("[Snort] Snort VRT md5 download failed..."));
log_error(gettext("[Snort] Server returned error code '{$rc}'..."));
@@ -261,13 +261,15 @@ if ($snortdownload == 'on') {
/* download snortrules file */
if ($snortdownload == 'on') {
if ($pkg_interface <> "console")
- update_status(gettext("There is a new set of Snort VRT rules posted. Downloading..."));
+ update_status(gettext("There is a new set of Snort VRT rules posted. Downloading {$snort_filename}..."));
log_error(gettext("[Snort] There is a new set of Snort VRT rules posted. Downloading..."));
- error_log(gettext("\tThere is a new set of Snort VRT rules posted. Downloading...\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tThere is a new set of Snort VRT rules posted.\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tDownloading file '{$snort_filename}'...\n"), 3, $snort_rules_upd_log);
$rc = snort_download_file_url("{$snort_rule_url}{$snort_filename}/{$oinkid}/", "{$tmpfname}/{$snort_filename}");
if ($rc === true) {
if ($pkg_interface <> "console")
update_status(gettext("Done downloading Snort VRT rules file."));
+ log_error("[Snort] Snort VRT rules file update downloaded successfully");
error_log(gettext("\tDone downloading rules file.\n"),3, $snort_rules_upd_log);
if (trim(file_get_contents("{$tmpfname}/{$snort_filename_md5}")) != trim(md5_file("{$tmpfname}/{$snort_filename}"))){
if ($pkg_interface <> "console")
@@ -297,8 +299,8 @@ if ($snortdownload == 'on') {
/* download md5 sig from Snort GPLv2 Community Rules */
if ($snortcommunityrules == 'on') {
if ($pkg_interface <> "console")
- update_status(gettext("Downloading Snort GPLv2 Community Rules md5 file..."));
- error_log(gettext("\tDownloading Snort GPLv2 Community Rules md5 file...\n"), 3, $snort_rules_upd_log);
+ update_status(gettext("Downloading Snort GPLv2 Community Rules md5 file {$snort_community_rules_filename_md5}..."));
+ error_log(gettext("\tDownloading Snort GPLv2 Community Rules md5 file '{$snort_community_rules_filename_md5}'...\n"), 3, $snort_rules_upd_log);
$rc = snort_download_file_url("{$snort_community_rules_url}{$snort_community_rules_filename_md5}", "{$tmpfname}/{$snort_community_rules_filename_md5}");
if ($rc === true) {
if ($pkg_interface <> "console")
@@ -332,9 +334,10 @@ if ($snortcommunityrules == 'on') {
/* download Snort GPLv2 Community rules file */
if ($snortcommunityrules == "on") {
if ($pkg_interface <> "console")
- update_status(gettext("There is a new set of Snort GPLv2 Community Rules posted. Downloading..."));
+ update_status(gettext("There is a new set of Snort GPLv2 Community Rules posted. Downloading {$snort_community_rules_filename} ..."));
log_error(gettext("[Snort] There is a new set of Snort GPLv2 Community Rules posted. Downloading..."));
- error_log(gettext("\tThere is a new set of Snort GPLv2 Community Rules posted. Downloading...\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tThere is a new set of Snort GPLv2 Community Rules posted.\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tDownloading file '{$snort_community_rules_filename}'...\n"), 3, $snort_rules_upd_log);
$rc = snort_download_file_url("{$snort_community_rules_url}{$snort_community_rules_filename}", "{$tmpfname}/{$snort_community_rules_filename}");
/* Test for a valid rules file download. Turn off Snort Community update if download failed. */
@@ -410,15 +413,11 @@ if ($snortcommunityrules == 'on') {
if ($emergingthreats == 'on') {
if ($pkg_interface <> "console")
update_status(gettext("Downloading EmergingThreats md5 file..."));
- error_log(gettext("\tDownloading EmergingThreats md5 file...\n"), 3, $snort_rules_upd_log);
- /* If using Sourcefire VRT rules with ET, then we should use the open-nogpl ET rules. */
- if ($vrt_enabled == "on")
- $rc = snort_download_file_url("http://rules.emergingthreats.net/open-nogpl/snort-{$emerging_threats_version}/{$emergingthreats_filename_md5}", "{$tmpfname}/{$emergingthreats_filename_md5}");
- else
- $rc = snort_download_file_url("http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/{$emergingthreats_filename_md5}", "{$tmpfname}/{$emergingthreats_filename_md5}");
+ error_log(gettext("\tDownloading EmergingThreats md5 file '{$emergingthreats_filename_md5}'...\n"), 3, $snort_rules_upd_log);
+ $rc = snort_download_file_url("{$emergingthreats_url}{$emergingthreats_filename_md5}", "{$tmpfname}/{$emergingthreats_filename_md5}");
if ($rc === true) {
if ($pkg_interface <> "console")
- update_status(gettext("Done downloading EmergingThreats md5"));
+ update_status(gettext("Done downloading EmergingThreats md5 file {$emergingthreats_filename_md5}"));
error_log(gettext("\tChecking EmergingThreats md5.\n"), 3, $snort_rules_upd_log);
if (file_exists("{$snortdir}/{$emergingthreats_filename_md5}") && $emergingthreats == "on") {
/* Check if were up to date emergingthreats.net */
@@ -448,15 +447,11 @@ if ($emergingthreats == 'on') {
/* download emergingthreats rules file */
if ($emergingthreats == "on") {
if ($pkg_interface <> "console")
- update_status(gettext("There is a new set of EmergingThreats rules posted. Downloading..."));
+ update_status(gettext("There is a new set of EmergingThreats rules posted. Downloading {$emergingthreats_filename}..."));
log_error(gettext("[Snort] There is a new set of EmergingThreats rules posted. Downloading..."));
- error_log(gettext("\tThere is a new set of EmergingThreats rules posted. Downloading...\n"), 3, $snort_rules_upd_log);
-
- /* If using Sourcefire VRT rules with ET, then we should use the open-nogpl ET rules. */
- if ($vrt_enabled == "on")
- $rc = snort_download_file_url("http://rules.emergingthreats.net/open-nogpl/snort-{$emerging_threats_version}/{$emergingthreats_filename}", "{$tmpfname}/{$emergingthreats_filename}");
- else
- $rc = snort_download_file_url("http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/{$emergingthreats_filename}", "{$tmpfname}/{$emergingthreats_filename}");
+ error_log(gettext("\tThere is a new set of EmergingThreats rules posted.\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tDownloading file '{$emergingthreats_filename}'...\n"), 3, $snort_rules_upd_log);
+ $rc = snort_download_file_url("{$emergingthreats_url}{$emergingthreats_filename}", "{$tmpfname}/{$emergingthreats_filename}");
/* Test for a valid rules file download. Turn off ET update if download failed. */
if ($rc === true) {
@@ -574,10 +569,10 @@ if ($snortdownload == 'on') {
$nosorules = false;
if ($snort_arch == 'i386'){
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp so_rules/precompiled/{$freebsd_version_so}/i386/{$snort_version}/");
- exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/{$freebsd_version_so}/i386/{$snort_version}/* {$snortlibdir}/dynamicrules/");
+ exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/{$freebsd_version_so}/i386/{$snort_version}/*.so {$snortlibdir}/dynamicrules/");
} elseif ($snort_arch == 'amd64') {
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp so_rules/precompiled/{$freebsd_version_so}/x86-64/{$snort_version}/");
- exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/{$freebsd_version_so}/x86-64/{$snort_version}/* {$snortlibdir}/dynamicrules/");
+ exec("/bin/cp {$snortdir}/tmp/so_rules/precompiled/{$freebsd_version_so}/x86-64/{$snort_version}/*.so {$snortlibdir}/dynamicrules/");
} else
$nosorules = true;
exec("rm -r {$snortdir}/tmp/so_rules");