diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/snort-dev/snort.xml | 42 | ||||
-rw-r--r-- | config/snort-dev/snort_advanced.xml | 32 |
2 files changed, 55 insertions, 19 deletions
diff --git a/config/snort-dev/snort.xml b/config/snort-dev/snort.xml index 4f039a97..3f6f91c8 100644 --- a/config/snort-dev/snort.xml +++ b/config/snort-dev/snort.xml @@ -46,8 +46,8 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>Snort</name> - <version>2.8.4.1_1</version> - <title>Services: Snort 2.8.4.1_2 pkg v. 1.6 RC5</title> + <version>2.8.4.1_2</version> + <title>Services: Snort 2.8.4.1_2 pkg v. 1.6</title> <include_file>/usr/local/pkg/snort.inc</include_file> <menu> <name>Snort</name> @@ -59,6 +59,7 @@ <name>snort</name> <rcfile>snort.sh</rcfile> <executable>snort</executable> + <description>Snort is the most widely deployed IDS/IPS technology worldwide..</description> </service> <tabs> <tab> @@ -194,6 +195,7 @@ <fieldname>iface_array</fieldname> <description>Select the interface(s) Snort will listen on.</description> <type>interfaces_selection</type> + <required/> <size>3</size> <value>lan</value> <multiple>true</multiple> @@ -233,6 +235,16 @@ <value>acs</value> </option> </options> + <required/> + </field> + <field> + </field> + <field> + <fielddescr>Install Snort.org rules.</fielddescr> + <fieldname>installsnortrules</fieldname> + <description>Free Snort.org rules that are maintained by Sourcefire. See the Pfsense Snort FAQ on how to get a subscription.</description> + <type>checkbox</type> + <required/> </field> <field> <fielddescr>Oinkmaster code</fielddescr> @@ -245,11 +257,27 @@ <field> <fielddescr>Snort.org subscriber</fielddescr> <fieldname>subscriber</fieldname> - <description>Check this box if you are a Snort.org subscriber (premium rules).</description> + <description>Check this box if you are a Snort.org subscriber (premium rules). <b>HIGHLY RECOMMENDED!</b></description> <type>checkbox</type> <size>60</size> </field> <field> + </field> + <field> + <fielddescr>Install emergingthreats rules.</fielddescr> + <fieldname>emergingthreats</fieldname> + <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description> + <type>checkbox</type> + <required/> + </field> + <field> + <fielddescr>Install Pfsense rules.</fielddescr> + <fieldname>installpfsenserules</fieldname> + <description>Snort rules that Pfsense maintainers have requested for their packages.</description> + <type>checkbox</type> + <required/> + </field> + <field> <fielddescr>Block offenders</fielddescr> <fieldname>blockoffenders7</fieldname> <description>Checking this option will automatically block hosts that generate a snort alert.</description> @@ -301,8 +329,6 @@ </options> </field> <field> - </field> - <field> <fielddescr>Update rules automatically</fielddescr> <fieldname>autorulesupdate7</fieldname> <description>Please select the update times for rules.</description> @@ -356,12 +382,6 @@ <description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description> <type>checkbox</type> </field> - <field> - <fielddescr>Install emergingthreats rules.</fielddescr> - <fieldname>emergingthreats</fieldname> - <description>Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.</description> - <type>checkbox</type> - </field> </fields> <custom_php_resync_config_command> sync_package_snort(); diff --git a/config/snort-dev/snort_advanced.xml b/config/snort-dev/snort_advanced.xml index 6e81123f..1fdddda2 100644 --- a/config/snort-dev/snort_advanced.xml +++ b/config/snort-dev/snort_advanced.xml @@ -153,12 +153,12 @@ <description>Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by a wireshark type of application. WARNING: File may become large.</description> <type>checkbox</type> </field> - <field> - <fielddescr>Enable Barnyard2.</fielddescr> - <fieldname>snortbarnyardlog</fieldname> - <description>This will enable barnyard2 in the snort package. You will also have to set the database credentials.</description> - <type>checkbox</type> - </field> + <field> + <fielddescr>Enable Barnyard2.</fielddescr> + <fieldname>snortbarnyardlog</fieldname> + <description>This will enable barnyard2 in the snort package. You will also have to set the database credentials.</description> + <type>checkbox</type> + </field> <field> <fielddescr>Barnyard2 Log Mysql Database.</fielddescr> <fieldname>snortbarnyardlog_database</fieldname> @@ -168,9 +168,25 @@ <value></value> </field> <field> - <fielddescr>Log Alerts to a snort unified file.</fielddescr> + <fielddescr>Barnyard2 Configure Hostname ID.</fielddescr> + <fieldname>snortbarnyardlog_hostname</fieldname> + <description>Example: pfsense.local</description> + <type>input</type> + <size>25</size> + <value></value> + </field> + <field> + <fielddescr>Barnyard2 Configure Interface ID</fielddescr> + <fieldname>snortbarnyardlog_interface</fieldname> + <description>Example: vr0</description> + <type>input</type> + <size>25</size> + <value></value> + </field> + <field> + <fielddescr>Log Alerts to a snort unified2 file.</fielddescr> <fieldname>snortunifiedlog</fieldname> - <description>Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement barnyard2.</description> + <description>Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.</description> <type>checkbox</type> </field> </fields> |