Diffstat (limited to 'config/suricata')
-rw-r--r--config/suricata/suricata.xml2
-rw-r--r--config/suricata/suricata_etiqrisk_update.php21
-rw-r--r--config/suricata/suricata_global.php4
-rw-r--r--config/suricata/suricata_ip_list_mgmt.php11
-rw-r--r--config/suricata/suricata_post_install.php10
5 files changed, 31 insertions, 17 deletions
diff --git a/config/suricata/suricata.xml b/config/suricata/suricata.xml
index 3b3bf723..c510d72b 100644
--- a/config/suricata/suricata.xml
+++ b/config/suricata/suricata.xml
@@ -42,7 +42,7 @@
<description>Suricata IDS/IPS Package</description>
<requirements>None</requirements>
<name>suricata</name>
- <version>2.0.4 pkg v2.1</version>
+ <version>2.0.4 pkg v2.1.3</version>
<title>Services: Suricata IDS</title>
<include_file>/usr/local/pkg/suricata/suricata.inc</include_file>
<menu>
diff --git a/config/suricata/suricata_etiqrisk_update.php b/config/suricata/suricata_etiqrisk_update.php
index 6723ce99..70fbdb79 100644
--- a/config/suricata/suricata_etiqrisk_update.php
+++ b/config/suricata/suricata_etiqrisk_update.php
@@ -41,6 +41,7 @@
require_once("config.inc");
require_once("functions.inc");
require_once("/usr/local/pkg/suricata/suricata.inc");
+require("/usr/local/pkg/suricata/suricata_defs.inc");
/*************************************************************************
* Hack for backwards compatibility with older 2.1.x pfSense versions *
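Review bot: The added line uses `require` while the three lines above it use `require_once`, and this script is itself pulled in with a plain `include` from suricata_ip_list_mgmt.php and suricata_post_install.php. If suricata_defs.inc has already been loaded by the including page or by suricata.inc (not visible here), its definitions would be evaluated a second time. `require_once("/usr/local/pkg/suricata/suricata_defs.inc");` matches the surrounding style and avoids that.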
@@ -101,21 +102,22 @@ function suricata_check_iprep_md5($filename) {
/* error occurred. */
/**********************************************************/
- global $et_iqrisk_url, $iqRisk_tmppath, $iprep_path;
+ global $iqRisk_tmppath, $iprep_path;
$new_md5 = $old_md5 = "";
+ $et_iqrisk_url = str_replace("_xxx_", $config['installedpackages']['suricata']['config'][0]['iqrisk_code'], ET_IQRISK_DNLD_URL);
if (download_file("{$et_iqrisk_url}{$filename}.md5sum", "{$iqRisk_tmppath}{$filename}.md5") == true) {
if (file_exists("{$iqRisk_tmppath}{$filename}.md5"))
- $new_md5 = file_get_contents("{$iqRisk_tmppath}{$filename}.md5");
+ $new_md5 = trim(file_get_contents("{$iqRisk_tmppath}{$filename}.md5"));
if (file_exists("{$iprep_path}{$filename}.md5"))
- $old_md5 = file_get_contents("{$iprep_path}{$filename}.md5");
+ $old_md5 = trim(file_get_contents("{$iprep_path}{$filename}.md5"));
if ($new_md5 != $old_md5)
return TRUE;
else
log_error(gettext("[Suricata] IPREP file '{$filename}' is up to date."));
}
else
- log_error(gettext("[Suricata] An error occurred downloading {$filename}.md5sum for IPREP. Update of {$filename} file will be skipped."));
+ log_error(gettext("[Suricata] An error occurred downloading {$et_iqrisk_url}{$filename}.md5sum for IPREP. Update of {$filename} file will be skipped."));
return FALSE;
}
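Review bot: `$config` is read on the new `$et_iqrisk_url` line, but the `global` statement visible in this hunk does not list it. Unless it is declared global earlier in suricata_check_iprep_md5 (the function body starts outside the hunk), `iqrisk_code` resolves to null and `_xxx_` is replaced with an empty string, so every download URL is built without the subscriber code. The declaration should read `global $config, $iqRisk_tmppath, $iprep_path;`. Separately, the changed error message now writes `{$et_iqrisk_url}` to the system log, and that URL embeds the IQRisk code; logging `{$filename}.md5sum` alone, as before, keeps the credential out of the logs and out of anything that forwards them.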
@@ -128,6 +130,9 @@ $iprep_path = SURICATA_IPREP_PATH;
$iqRisk_tmppath = "{$g['tmp_path']}/IQRisk/";
$success = FALSE;
+if (!is_array($config['installedpackages']['suricata']['config'][0]))
+ $config['installedpackages']['suricata']['config'][0] = array();
+
// If auto-updates of ET IQRisk are disabled, then exit
if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == "off")
return(0);
@@ -156,8 +161,8 @@ if (suricata_check_iprep_md5("categories.txt")) {
// If the files downloaded successfully, unpack them and store
// the list files in the SURICATA_IPREP_PATH directory.
if (file_exists("{$iqRisk_tmppath}categories.txt") && file_exists("{$iqRisk_tmppath}categories.txt.md5")) {
- $new_md5 = file_get_contents("{$iqRisk_tmppath}categories.txt.md5");
- if ($new_md5 == trim(md5_file("{$iqRisk_tmppath}categories.txt"))) {
+ $new_md5 = trim(file_get_contents("{$iqRisk_tmppath}categories.txt.md5"));
+ if ($new_md5 == md5_file("{$iqRisk_tmppath}categories.txt")) {
@rename("{$iqRisk_tmppath}categories.txt", "{$iprep_path}categories.txt");
@rename("{$iqRisk_tmppath}categories.txt.md5", "{$iprep_path}categories.txt.md5");
$success = TRUE;
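Review bot: The checksum check compares with `==`, here and in the iprepdata.txt.gz hunk below, and PHP compares two numeric-looking strings as numbers, so two different digests of the form `0e` followed only by digits are reported equal. `if ($new_md5 === md5_file("{$iqRisk_tmppath}categories.txt")) {` compares them as strings. The `@rename()` calls also suppress failures and `$success = TRUE` is set regardless, so a failed move is still reported as a completed update. Checking both return values before setting the flag would close that gap. Since the .md5 file is fetched from the same location as the data, this check catches a corrupted download rather than a tampered one, so it is worth confirming that ET_IQRISK_DNLD_URL is an HTTPS URL. The enclosing `if` block continues outside the hunk.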
@@ -179,8 +184,8 @@ if (suricata_check_iprep_md5("iprepdata.txt.gz")) {
// If the files downloaded successfully, unpack them and store
// the list files in the SURICATA_IPREP_PATH directory.
if (file_exists("{$iqRisk_tmppath}iprepdata.txt.gz") && file_exists("{$iqRisk_tmppath}iprepdata.txt.gz.md5")) {
- $new_md5 = file_get_contents("{$iqRisk_tmppath}iprepdata.txt.gz.md5");
- if ($new_md5 == trim(md5_file("{$iqRisk_tmppath}iprepdata.txt.gz"))) {
+ $new_md5 = trim(file_get_contents("{$iqRisk_tmppath}iprepdata.txt.gz.md5"));
+ if ($new_md5 == md5_file("{$iqRisk_tmppath}iprepdata.txt.gz")) {
mwexec("/usr/bin/gunzip -f {$iqRisk_tmppath}iprepdata.txt.gz");
@rename("{$iqRisk_tmppath}iprepdata.txt", "{$iprep_path}iprepdata.txt");
@rename("{$iqRisk_tmppath}iprepdata.txt.gz.md5", "{$iprep_path}iprepdata.txt.gz.md5");
diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php
index eb657465..8eea8d2d 100644
--- a/config/suricata/suricata_global.php
+++ b/config/suricata/suricata_global.php
@@ -236,13 +236,13 @@ if ($input_errors)
<tr>
<td valign="top" width="8%"><input name="enable_etopen_rules" type="checkbox" value="on" onclick="enable_et_rules();"
<?php if ($config['installedpackages']['suricata']['config'][0]['enable_etopen_rules']=="on") echo "checked"; ?>/></td>
- <td><span class="vexpl"><?php echo gettext("ETOpen is an open source set of Snort rules whose coverage " .
+ <td><span class="vexpl"><?php echo gettext("ETOpen is an open source set of Suricata rules whose coverage " .
"is more limited than ETPro."); ?></span></td>
</tr>
<tr>
<td valign="top" width="8%"><input name="enable_etpro_rules" type="checkbox" value="on" onclick="enable_pro_rules();"
<?php if ($config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']=="on") echo "checked"; ?>/></td>
- <td><span class="vexpl"><?php echo gettext("ETPro for Snort offers daily updates and extensive coverage of current malware threats."); ?></span></td>
+ <td><span class="vexpl"><?php echo gettext("ETPro for Suricata offers daily updates and extensive coverage of current malware threats."); ?></span></td>
</tr>
<tr>
<td>&nbsp;</td>
diff --git a/config/suricata/suricata_ip_list_mgmt.php b/config/suricata/suricata_ip_list_mgmt.php
index ee3a7009..37decaad 100644
--- a/config/suricata/suricata_ip_list_mgmt.php
+++ b/config/suricata/suricata_ip_list_mgmt.php
@@ -101,11 +101,14 @@ if ($_POST['save']) {
/* Toggle cron task for ET IQRisk updates if setting was changed */
if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on' && !suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_etiqrisk_update.php")) {
- include("/usr/local/pkg/suricata/suricata_etiqrisk_update.php");
- install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, 0, "*", "*", "*", "root");
+ install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
}
elseif ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'off' && suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_etiqrisk_update.php"))
install_cron_job("/usr/local/pkg/suricata/suricata_etiqrisk_update.php", FALSE);
+
+ /* Peform a manual ET IQRisk file check/download */
+ if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on')
+ include("/usr/local/pkg/suricata/suricata_etiqrisk_update.php");
}
}
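Review bot: The new block at the end of the save handler includes the update script on every save while `et_iqrisk_enable` is 'on', not only when the setting was just toggled, so each save of this page runs the IQRisk check and any downloads synchronously inside the web request. If that is intended, the comment should say so, e.g. `/* Always run an ET IQRisk check/download on save while enabled (runs inside this request) */`. Otherwise the include belongs back inside the branch that installs the cron job. The added comment also misspells "Perform".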
@@ -287,7 +290,9 @@ if ($savemsg)
height="17" border="0" title="<?php echo gettext('Import/Upload an IP List');?>"/></th>
</tr>
</thead>
- <?php foreach ($ipfiles as $file): ?>
+ <?php foreach ($ipfiles as $file):
+ if (substr(strrchr($file, "."), 1) == "md5")
+ continue; ?>
<tr>
<td class="listr"><?php echo gettext($file); ?></td>
<td class="listr"><?=date('M-d Y g:i a', filemtime("{$iprep_path}{$file}")); ?></td>
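Review bot: The row that follows the new `continue` prints the file name with `echo gettext($file)` and no HTML escaping, and the table header indicates that lists in this directory can be imported or uploaded, so a name containing markup would presumably be rendered as HTML. `<?php echo htmlspecialchars($file); ?>` is the safer form, and `gettext()` has nothing to translate in a file name. For the new filter itself, `pathinfo($file, PATHINFO_EXTENSION) == "md5"` states the intent more directly than `substr(strrchr($file, "."), 1)` and does not depend on `strrchr()` returning false for names without a dot.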
diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php
index f4a66b0b..070cf095 100644
--- a/config/suricata/suricata_post_install.php
+++ b/config/suricata/suricata_post_install.php
@@ -112,6 +112,10 @@ safe_mkdir(SURICATALOGDIR);
safe_mkdir(SURICATA_SID_MODS_PATH);
safe_mkdir(SURICATA_IPREP_PATH);
+// Make sure config variable is an array
+if (!is_array($config['installedpackages']['suricata']['config'][0]))
+ $config['installedpackages']['suricata']['config'][0] = array();
+
// Download the latest GeoIP DB updates and create cron task if the feature is not disabled
if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] != 'off') {
log_error(gettext("[Suricata] Installing free GeoIP country database files..."));
@@ -123,7 +127,7 @@ if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] !=
if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on') {
log_error(gettext("[Suricata] Installing Emerging Threats IQRisk IP List..."));
include("/usr/local/pkg/suricata/suricata_etiqrisk_update.php");
- install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, 0, "*", "*", "*", "root");
+ install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
}
// remake saved settings if previously flagged
@@ -254,8 +258,8 @@ if (empty($config['installedpackages']['suricata']['config'][0]['forcekeepsettin
conf_mount_ro();
// Update Suricata package version in configuration
-$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "2.1";
-write_config("Suricata pkg v2.1: post-install configuration saved.");
+$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "2.1.2";
+write_config("Suricata pkg v2.1.2: post-install configuration saved.");
// Done with post-install, so clear flag
unset($g['suricata_postinstall']);
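Review bot: `suricata_config_ver` and the `write_config()` message are set to "2.1.2" here, while suricata.xml in the same commit moves the package to "pkg v2.1.3". If the stored config version is meant to track the package version, these two lines should read `"2.1.3"` and `"Suricata pkg v2.1.3: post-install configuration saved."`. If the config schema version is deliberately kept separate, a short comment saying so would stop a later version check from being written against the wrong value.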