Diffstat (limited to 'packages/snort/snort.inc')
-rw-r--r-- | packages/snort/snort.inc | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
new file mode 100644
index 00000000..eb0c738f
--- /dev/null
+++ b/packages/snort/snort.inc
@@ -0,0 +1,43 @@
+<?php
+
+function sync_package_snort() {
+ $first = 0;
+ /* if list */
+ $iflist = array("lan" => "LAN");
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
+ $iflist['opt' . $i] = "opt{$i}";
+ $whitelist = fopen("/var/db/whitelist","w");
+ if(!$whitelist) {
+ log_error("Cannot open whitelist for /var/db/writing.");
+ exit;
+ }
+ foreach($iflist as $if) {
+ /* XXX: write out if subnet */
+ }
+ fclose($whitelist);
+ foreach($_POST['interface_array'] as $iface) {
+ $if = convert_friendly_interface_to_real_interface_name($iface);
+ if($if) {
+ $ifaces_final .= " -i " . $if;
+ $first = 1;
+ }
+ }
+ $start = "snort -c /usr/local/etc/snort/rules/snort.conf -l /var/log/snort " . $ifaces_final . " -D";
+ $start .= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert";
+ write_rcfile(array(
+ "file" => "snort.sh",
+ "start" => $start,
+ "stop" => "/usr/bin/killall snort; killall snort2c"
+ )
+ );
+ start_service("snort");
+}
+
+function download_latest_rules() {
+ $oinkid = "";
+ $dl = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-CURRENT.tar.gz";
+ $dl_md5 = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-CURRENT.tar.gz.md5";
+
+}
+
+?>
\ No newline at end of file |
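Review bot: In sync_package_snort(), each `$_POST['interface_array']` entry ends up in the `$start` shell command that is written to snort.sh, and the only filter is the truthiness of whatever convert_friendly_interface_to_real_interface_name() returns. That helper is not shown here; if it passes unrecognised names through, shell metacharacters from the request would reach the rc script, so the value should be quoted where it is appended: `$ifaces_final .= " -i " . escapeshellarg($if);`. `$ifaces_final` is also appended to before it is ever assigned, and the foreach assumes the POST key exists and is an array; add `$ifaces_final = "";` before the loop and skip the loop when `!is_array($_POST['interface_array'])`. Separately, `$config` is read without a `global $config;` declaration, so the isset() in the opt-interface loop is always false and `$iflist` only ever holds lan.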