diff options
Diffstat (limited to 'packages')
-rw-r--r-- | packages/snort/snort.inc | 30 | ||||
-rw-r--r-- | packages/snort/snort.xml | 36 |
2 files changed, 54 insertions, 12 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc index ff2451fb..0ec73237 100644 --- a/packages/snort/snort.inc +++ b/packages/snort/snort.inc @@ -27,10 +27,10 @@ POSSIBILITY OF SUCH DAMAGE. */ -$snort_conf = "/usr/local/etc/snort/snort.conf"; +$snort_conf_file = "/usr/local/etc/snort/snort.conf"; function sync_package_snort() { - global $config, $g, $snort_conf; + global $config, $g, $snort_conf_file; exec("/bin/mkdir -p /usr/local/etc/snort"); exec("/bin/mkdir -p /var/log/snort"); exec("/bin/cp /usr/local/etc/snort/unicode.map-sample /usr/local/etc/snort/unicode.map"); @@ -57,7 +57,7 @@ function sync_package_snort() { } } $start = "/bin/mkdir -p /var/log/snort"; - $start .= ";snort -c {$snort_conf} -l /var/log/snort " . $ifaces_final . " -D"; + $start .= ";snort -c {$snort_conf_file} -l /var/log/snort " . $ifaces_final . " -D"; $start .= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert"; write_rcfile(array( "file" => "snort.sh", @@ -74,24 +74,30 @@ function sync_package_snort() { } function create_snort_conf() { - global $config, $g, $snort_conf; + global $config, $g, $snort_conf_file; /* write out snort.conf */ - $snort_conf = generate_snort_conf(); - $conf = fopen($snort_conf, "w"); + $snort_conf_text = generate_snort_conf(); + $conf = fopen($snort_conf_file, "w"); if(!$conf) { - log_error("Could not open {$snort_conf} for writing."); + log_error("Could not open {$snort_conf_file} for writing."); exit; } - fwrite($conf, $snort_conf); + fwrite($conf, $snort_conf_text); fclose($conf); } function generate_snort_conf() { - global $config, $g, $snort_conf; + global $config, $g, $snort_conf_file; /* obtain external interface */ /* XXX: make multi wan friendly */ $snort_ext_int = $config['installedpackages']['snort']['config'][0]['interface_array'][0]; + /* set the snort performance model */ + if($config['installedpackages']['snort']['config'][0]['performance']) + $snort_performance = $config['installedpackages']['snort']['config'][0]['performance']; + else + $snort_performance = "lowmem"; + /* open snort2c's whitelist for writing */ $whitelist = fopen("/var/db/whitelist", "w"); if(!$whitelist) { @@ -140,7 +146,7 @@ function generate_snort_conf() { } /* build snort configuration file */ - $snort_conf = <<<EOD + $snort_conf_text = <<<EOD #snort configuration file #generated by the pfSense @@ -163,7 +169,7 @@ var SSH_PORTS {$ssh_port} var RULE_PATH /usr/local/etc/snort/rules #Use lower memory models -config detection: search-method lowmem +config detection: search-method {$snort_performance} #Output plugins #output database: alert @@ -240,7 +246,7 @@ include reference.config EOD; - return $snort_conf; + return $snort_conf_text; } ?>
\ No newline at end of file diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml index 667a1abe..2ba391c8 100644 --- a/packages/snort/snort.xml +++ b/packages/snort/snort.xml @@ -60,6 +60,42 @@ <type>interfaces_selection</type> </field> <field> + <fielddescr>Performance</fielddescr> + <fieldname>performance</fieldname> + <type>select</type> + <options> + <option> + <value>ac-std</value> + <name>ac-std</name> + </option> + <option> + <value>ac</value> + <name>ac</name> + </option> + <option> + <value>ac-banded</value> + <name>ac-banded</name> + </option> + <option> + <value>ac-sparsebands</value> + <name>ac-sparsebands</name> + </option> + + <option> + <value>mwm</value> + <name>mwm</name> + </option> + <option> + <value>acs</value> + <name>acs</name> + </option> + <option> + <value>lowmem</value> + <name>lowmem</name> + </option> + </options> + </field> + <field> <fielddescr>Oinkmaster code</fielddescr> <fieldname>oinkmastercode</fieldname> <value></value> |