Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc36
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php12
2 files changed, 23 insertions, 25 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 638825ce..e579fdac 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -51,16 +51,16 @@ $snortver = array();
exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
/* Used to indicate latest version of this include file has been loaded */
-$pfSense_snort_version = "3.1.2";
+$pfSense_snort_version = "3.1.3";
/* get installed package version for display */
$snort_package_version = "Snort {$config['installedpackages']['package'][get_pkg_id("snort")]['version']}";
// Define SNORTDIR and SNORTLIBDIR constants according to pfSense version
$pfs_version=substr(trim(file_get_contents("/etc/version")),0,3);
-if ($pfs_version < 2.1) {
- define("SNORTDIR", "/usr/local/etc/snort");
- define("SNORTLIBDIR", "/usr/local/lib/snort");
+if ($pfs_version >= 2.2) {
+ define("SNORTDIR", "/usr/pbi/snort-" . php_uname("m") . "/local/etc/snort");
+ define("SNORTLIBDIR", "/usr/pbi/snort-" . php_uname("m") . "/local/lib/snort");
}
else {
define("SNORTDIR", "/usr/pbi/snort-" . php_uname("m") . "/etc/snort");
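Review bot: The new branch condition `$pfs_version >= 2.2` compares a three-character string cut from /etc/version against a float, so the choice of SNORTDIR and SNORTLIBDIR depends on PHP's loose string-to-number conversion. A file that is empty or does not start with a number falls through to the `else` branch without any log entry. An explicit comparison reads more clearly and behaves predictably: `if (version_compare($pfs_version, "2.2", ">=")) {`. Because these constants decide which directories the package later reads rules from and deletes at deinstall, a short comment naming the supported pfSense versions would also help; the removed `< 2.1` case now lands in the `else` branch, whose body continues outside this hunk.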
@@ -3027,7 +3027,7 @@ function snort_deinstall() {
if ($config['installedpackages']['snortglobal']['clearlogs'] == 'on') {
log_error(gettext("[Snort] Clearing all Snort-related log files..."));
unlink_if_exists("{$snort_rules_upd_log}");
- mwexec("/bin/rm -rf {$snortlogdir}");
+ rmdir_recursive($snortlogdir);
}
/**********************************************************/
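Review bot: `rmdir_recursive($snortlogdir)` deletes a tree named by a variable that is assigned outside this hunk, with no check that it is set and points at a directory. The same applies to the `$snortlogdir`, `$iprep_path` and `$sidmods_path` calls in the last snort_deinstall hunk. The rule-update script in this commit already guards its own call with `is_dir("{$tmpfname}")`. Doing the same here would make an empty or unexpected value fail closed, for example `if (!empty($snortlogdir) && is_dir($snortlogdir)) rmdir_recursive($snortlogdir);`. Dropping the shell `rm -rf` is a good change in itself, since the path no longer passes through a command line.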
@@ -3043,13 +3043,11 @@ function snort_deinstall() {
/**********************************************************/
if (file_exists("/tmp/pkg_libs.tgz") || file_exists("/tmp/pkg_bins.tgz")) {
log_error(gettext("[Snort] Package deletion requested... removing all files..."));
- mwexec("/bin/rm -rf {$snortdir}");
- mwexec("/bin/rm -rf {$snortlibdir}/dynamicrules");
- mwexec("/bin/rm -f {$rcdir}snort.sh");
- mwexec("/bin/rm -rf /usr/local/pkg/snort");
- mwexec("/bin/rm -rf /usr/local/www/snort");
- mwexec("/bin/rm -rf /usr/local/etc/snort");
- mwexec("/bin/rm -rf /usr/local/lib/snort");
+ unlink_if_exists("{$rcdir}snort.sh");
+ rmdir_recursive("/usr/local/pkg/snort/");
+ rmdir_recursive("/usr/local/www/snort/");
+ rmdir_recursive("/usr/local/etc/snort/");
+ rmdir_recursive("/usr/local/lib/snort/");
}
/* Keep this as a last step */
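Review bot: The rewritten package-deletion block no longer removes `{$snortdir}` or `{$snortlibdir}/dynamicrules`, and nothing replaces those two deletions. The remaining four calls target hard-coded /usr/local paths, while the first hunk of this file points SNORTDIR and SNORTLIBDIR under /usr/pbi/snort-<arch>/, so the active configuration and dynamic-rules directories are presumably not covered. If the PBI removal itself cleans them (not visible in this hunk), a comment saying so would prevent a later reader from treating it as an oversight. Otherwise add `rmdir_recursive($snortdir);` and `rmdir_recursive("{$snortlibdir}/dynamicrules");` so no rules or configuration files are left behind after uninstall. snort_deinstall starts and ends outside this hunk.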
@@ -3060,9 +3058,9 @@ function snort_deinstall() {
unlink_if_exists("{$snort_rules_upd_log}");
log_error(gettext("[Snort] Flushing <snort2c> firewall table to remove addresses blocked by Snort..."));
mwexec("/sbin/pfctl -t snort2c -T flush");
- mwexec("/bin/rm -rf {$snortlogdir}");
- mwexec("/bin/rm -rf {$iprep_path}");
- mwexec("/bin/rm -rf {$sidmods_path}");
+ rmdir_recursive($snortlogdir);
+ rmdir_recursive($iprep_path);
+ rmdir_recursive($sidmods_path);
log_error(gettext("[Snort] The package has been removed from this system..."));
}
}
@@ -3082,7 +3080,7 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
/* to be written. */
/***********************************************************/
- global $g, $rebuild_rules;
+ global $g, $config, $rebuild_rules;
$snortdir = SNORTDIR;
$flowbit_rules_file = FLOWBITS_FILENAME;
@@ -3260,12 +3258,12 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
$no_rules_defined = false;
snort_modify_sids($enabled_rules, $snortcfg);
- // Write the enforcing rules file to the Suricata interface's "rules" directory.
+ // Write the enforcing rules file to the Snort interface's "rules" directory.
snort_write_enforcing_rules_file($enabled_rules, "{$snortcfgdir}/rules/{$snort_enforcing_rules_file}");
// If auto-flowbit resolution is enabled, generate the dependent flowbits rules file.
if ($snortcfg['autoflowbitrules'] == 'on') {
- log_error('[Suricata] Enabling any flowbit-required rules for: ' . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . '...');
+ log_error('[Snort] Enabling any flowbit-required rules for: ' . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . '...');
// Load up all rules into a Rules Map array for flowbits assessment
$all_rules = snort_load_rules_map("{$snortdir}/rules/");
@@ -3652,7 +3650,7 @@ function snort_do_xmlrpc_sync($syncdownloadrules, $sync_to_ip, $port, $username,
}
if (!empty($sid_files) && $error == "")
- log_error("[suricata] Snort pkg XMLRPC CARP sync auto-SID conf files success with {$url}:{$port} (pfsense.exec_php).");
+ log_error("[snort] Snort pkg XMLRPC CARP sync auto-SID conf files success with {$url}:{$port} (pfsense.exec_php).");
/**************************************************/
/* Send over the <snortglobal> portion of the */
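Review bot: The corrected log prefix is written `[snort]` in lower case, while the other messages visible in this file use `[Snort]` (for example "[Snort] Clearing all Snort-related log files..."). Anyone filtering the system log on the package tag will miss this sync message with a case-sensitive match. Suggest `log_error("[Snort] Snort pkg XMLRPC CARP sync auto-SID conf files success with {$url}:{$port} (pfsense.exec_php).");`. The enclosing function body lies mostly outside the hunk.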
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 9d8d15d5..ebd1fd53 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -409,7 +409,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
/* remove any old $tmpfname files */
if (is_dir("{$tmpfname}"))
- exec("/bin/rm -rf {$tmpfname}");
+ rmdir_recursive($tmpfname);
/* Make sure required snortdirs exsist */
safe_mkdir("{$snortdir}/rules");
@@ -529,7 +529,7 @@ if ($snortdownload == 'on') {
exec("/bin/cp {$tmpfname}/so_rules/precompiled/{$freebsd_version_so}/x86-64/{$snort_version}/*.so {$snortlibdir}/dynamicrules/");
} else
$nosorules = true;
- exec("rm -rf {$tmpfname}/so_rules");
+ rmdir_recursive("{$tmpfname}/so_rules/");
if ($nosorules == false) {
/* extract Shared Object stub rules, rename and copy to the rules folder. */
if ($pkg_interface <> "console")
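Review bot: The `/bin/cp` call at the top of this hunk is left as a shell command with `$tmpfname`, `$freebsd_version_so`, `$snort_version` and `$snortlibdir` interpolated unquoted, although the commit moves the neighbouring `rm -rf` calls off the shell. Those values are assigned outside the hunk, so whether any of them can carry shell metacharacters or spaces cannot be confirmed from here. The copy can be done in PHP in the same style as the `@copy` used a few lines further down: `foreach (glob("{$tmpfname}/so_rules/precompiled/{$freebsd_version_so}/x86-64/{$snort_version}/*.so") as $so) @copy($so, "{$snortlibdir}/dynamicrules/" . basename($so));`. The surrounding `if`/`else` begins before the hunk.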
@@ -540,7 +540,7 @@ if ($snortdownload == 'on') {
$newfile = basename($file, ".rules");
@copy($file, "{$snortdir}/rules/" . VRT_FILE_PREFIX . "{$newfile}.so.rules");
}
- exec("rm -rf {$tmpfname}/so_rules");
+ rmdir_recursive("{$tmpfname}/so_rules/");
}
/* extract base etc files */
if ($pkg_interface <> "console") {
@@ -598,7 +598,7 @@ if ($snortcommunityrules == 'on') {
update_output_window(gettext("Installation of Snort GPLv2 Community Rules file completed..."));
}
error_log(gettext("\tInstallation of Snort GPLv2 Community Rules completed.\n"), 3, $snort_rules_upd_log);
- exec("rm -rf {$tmpfname}/community");
+ rmdir_recursive("{$tmpfname}/community/");
}
}
@@ -659,7 +659,7 @@ if ($emergingthreats == 'on') {
update_output_window(gettext("Installation of {$et_name} rules completed..."));
}
error_log(gettext("\tInstallation of {$et_name} rules completed.\n"), 3, $snort_rules_upd_log);
- exec("rm -rf {$tmpfname}/emerging");
+ rmdir_recursive("{$tmpfname}/emerging/");
}
}
@@ -797,7 +797,7 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules =
/* remove $tmpfname files */
if (is_dir("{$tmpfname}")) {
- exec("/bin/rm -rf {$tmpfname}");
+ rmdir_recursive($tmpfname);
}
if ($pkg_interface <> "console")