Diffstat (limited to 'packages/snort')
-rw-r--r--packages/snort/snort.inc43
-rw-r--r--packages/snort/snort.xml35
2 files changed, 45 insertions, 33 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
new file mode 100644
index 00000000..eb0c738f
--- /dev/null
+++ b/packages/snort/snort.inc
@@ -0,0 +1,43 @@
+<?php
+
+function sync_package_snort() {
+ $first = 0;
+ /* if list */
+ $iflist = array("lan" => "LAN");
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
+ $iflist['opt' . $i] = "opt{$i}";
+ $whitelist = fopen("/var/db/whitelist","w");
+ if(!$whitelist) {
+ log_error("Cannot open whitelist for /var/db/writing.");
+ exit;
+ }
+ foreach($iflist as $if) {
+ /* XXX: write out if subnet */
+ }
+ fclose($whitelist);
+ foreach($_POST['interface_array'] as $iface) {
+ $if = convert_friendly_interface_to_real_interface_name($iface);
+ if($if) {
+ $ifaces_final .= " -i " . $if;
+ $first = 1;
+ }
+ }
+ $start = "snort -c /usr/local/etc/snort/rules/snort.conf -l /var/log/snort " . $ifaces_final . " -D";
+ $start .= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert";
+ write_rcfile(array(
+ "file" => "snort.sh",
+ "start" => $start,
+ "stop" => "/usr/bin/killall snort; killall snort2c"
+ )
+ );
+ start_service("snort");
+}
+
+function download_latest_rules() {
+ $oinkid = "";
+ $dl = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-CURRENT.tar.gz";
+ $dl_md5 = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-CURRENT.tar.gz.md5";
+
+}
+
+?>
\ No newline at end of file
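Review bot: In `sync_package_snort()` the interface names taken from `$_POST['interface_array']` are concatenated unquoted into `$start`, which `write_rcfile()` stores as the start command of `snort.sh`; the only filter is whether `convert_friendly_interface_to_real_interface_name()` returns something truthy, and its behaviour for unknown input is not visible here. Quote the value where it is appended, `$ifaces_final .= " -i " . escapeshellarg($if);`, initialise `$ifaces_final = "";` before the loop, and skip the loop when the POST field is not an array. Separately, `$config` is read in the `for` condition without `global $config;`, so inside the function `isset()` is always false and no opt interface ever reaches `$iflist`. `download_latest_rules()` is still a stub, but both the tarball and its `.md5` URL are plain `http://` on the same host, so once the download is implemented that checksum would not protect the ruleset against tampering in transit.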
diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml
index e806cf61..650dd182 100644
--- a/packages/snort/snort.xml
+++ b/packages/snort/snort.xml
@@ -19,6 +19,7 @@
<rcfile>snort.sh</rcfile>
<executable>snort</executable>
</service>
+ <include_file>/usr/local/pkg/snort.xml</include_file>
<tabs>
<tab>
<text>Snort Settings</text>
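Review bot: The added `<include_file>` points at `/usr/local/pkg/snort.xml`, but the functions this commit moves out of the XML are in the new `snort.inc`. As written, the package would include its own manifest rather than the PHP file, so `sync_package_snort()` would presumably be undefined when `custom_add_php_command` runs. The line most likely should read `<include_file>/usr/local/pkg/snort.inc</include_file>`; the install path of `snort.inc` is not shown in this diff, so confirm it against the package's file list.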
@@ -47,39 +48,7 @@
<rcfile>snort.sh</rcfile>
<executable>snort</executable>
</service>
- <custom_php_global_functions>
- function sync_package_snort() {
- $first = 0;
- /* if list */
- $iflist = array("lan" => "LAN");
- for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
- $iflist['opt' . $i] = "opt{$i}";
- $whitelist = fopen("/var/db/whitelist","w");
- if(!$whitelist)
- die "Cannot open whitelist for /var/db/writing.";
- foreach($iflist as $if) {
- /* XXX: write out if subnet */
- }
- fclose($whitelist);
- foreach($_POST['interface_array'] as $iface) {
- $if = convert_friendly_interface_to_real_interface_name($iface);
- if($if) {
- $ifaces_final .= " -i " . $if;
- $first = 1;
- }
- }
- $start = "snort -c /usr/local/etc/snort/rules/snort.conf -l /var/log/snort " . $ifaces_final . " -D";
- $start .= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert";
- write_rcfile(array(
- "file" => "snort.sh",
- "start" => $start,
- "stop" => "/usr/bin/killall snort; killall snort2c"
- )
- );
- start_service("snort");
- }
- </custom_php_global_functions>
- <custom_add_php_command>
+ <custom_add_php_command>
sync_package_snort();
</custom_add_php_command>
<custom_php_resync_command>