diff options
Diffstat (limited to 'packages/snort')
-rw-r--r-- | packages/snort/snort.inc | 43 | ||||
-rw-r--r-- | packages/snort/snort.xml | 35 |
2 files changed, 45 insertions, 33 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc new file mode 100644 index 00000000..eb0c738f --- /dev/null +++ b/packages/snort/snort.inc @@ -0,0 +1,43 @@ +<?php + +function sync_package_snort() { + $first = 0; + /* if list */ + $iflist = array("lan" => "LAN"); + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) + $iflist['opt' . $i] = "opt{$i}"; + $whitelist = fopen("/var/db/whitelist","w"); + if(!$whitelist) { + log_error("Cannot open whitelist for /var/db/writing."); + exit; + } + foreach($iflist as $if) { + /* XXX: write out if subnet */ + } + fclose($whitelist); + foreach($_POST['interface_array'] as $iface) { + $if = convert_friendly_interface_to_real_interface_name($iface); + if($if) { + $ifaces_final .= " -i " . $if; + $first = 1; + } + } + $start = "snort -c /usr/local/etc/snort/rules/snort.conf -l /var/log/snort " . $ifaces_final . " -D"; + $start .= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert"; + write_rcfile(array( + "file" => "snort.sh", + "start" => $start, + "stop" => "/usr/bin/killall snort; killall snort2c" + ) + ); + start_service("snort"); +} + +function download_latest_rules() { + $oinkid = ""; + $dl = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-CURRENT.tar.gz"; + $dl_md5 = "http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-CURRENT.tar.gz.md5"; + +} + +?>
\ No newline at end of file diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml index e806cf61..650dd182 100644 --- a/packages/snort/snort.xml +++ b/packages/snort/snort.xml @@ -19,6 +19,7 @@ <rcfile>snort.sh</rcfile> <executable>snort</executable> </service> + <include_file>/usr/local/pkg/snort.xml</include_file> <tabs> <tab> <text>Snort Settings</text> @@ -47,39 +48,7 @@ <rcfile>snort.sh</rcfile> <executable>snort</executable> </service> - <custom_php_global_functions> - function sync_package_snort() { - $first = 0; - /* if list */ - $iflist = array("lan" => "LAN"); - for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) - $iflist['opt' . $i] = "opt{$i}"; - $whitelist = fopen("/var/db/whitelist","w"); - if(!$whitelist) - die "Cannot open whitelist for /var/db/writing."; - foreach($iflist as $if) { - /* XXX: write out if subnet */ - } - fclose($whitelist); - foreach($_POST['interface_array'] as $iface) { - $if = convert_friendly_interface_to_real_interface_name($iface); - if($if) { - $ifaces_final .= " -i " . $if; - $first = 1; - } - } - $start = "snort -c /usr/local/etc/snort/rules/snort.conf -l /var/log/snort " . $ifaces_final . " -D"; - $start .= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert"; - write_rcfile(array( - "file" => "snort.sh", - "start" => $start, - "stop" => "/usr/bin/killall snort; killall snort2c" - ) - ); - start_service("snort"); - } - </custom_php_global_functions> - <custom_add_php_command> + <custom_add_php_command> sync_package_snort(); </custom_add_php_command> <custom_php_resync_command> |