Diffstat (limited to 'packages')
-rw-r--r--packages/snort/snort.xml66
1 files changed, 66 insertions, 0 deletions
diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml
new file mode 100644
index 00000000..9fd0b705
--- /dev/null
+++ b/packages/snort/snort.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<packagegui>
+ <title>Services: Snort</title>
+ <name>Snort</name>
+ <version>3.0</version>
+ <menu>
+ <name>Snort Settings</name>
+ <tooltiptext>Setup snort specific settings</tooltiptext>
+ <section>Services</section>
+ <url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
+ </menu>
+ <service>
+ <name>snort</name>
+ <rcfile>snort.sh</rcfile>
+ <executable>snort</executable>
+ </service>
+ <tabs>
+ <tab>
+ <text>Snort Settings</text>
+ <url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ </tabs>
+ <fields>
+ <field>
+ <fielddescr>Interface</fielddescr>
+ <fieldname>interface_array</fieldname>
+ <value>lan</value>
+ <multiple>true</multiple>
+ <size>3</size>
+ <type>interfaces_selection</type>
+ </field>
+ </fields>
+ <service>
+ <name>snort</name>
+ <rcfile>snort.sh</rcfile>
+ <executable>snort</executable>
+ </service>
+ <custom_php_global_functions>
+ function sync_package_snort() {
+ $first = 0;
+ foreach($_POST['interface_array'] as $iface) {
+ $if = convert_friendly_interface_to_real_interface_name($iface);
+ if($if) {
+ $ifaces_final .= " -i " . $if;
+ $first = 1;
+ }
+ }
+ $start = "snort -c /usr/local/etc/snort/rules/snort.conf -l /var/log/snort " . $ifaces_final . " -D";
+ $start.= ";snort2c -s -w /var/db/whitelist -a /var/log/snort/alert";
+ write_rcfile(array(
+ "file" => "snort.sh",
+ "start" => $start,
+ "stop" => "/usr/bin/killall snort; killall snort2c"
+ )
+ );
+ start_service("snort");
+ }
+ </custom_php_global_functions>
+ <custom_add_php_command>
+ sync_package_snort();
+ </custom_add_php_command>
+ <custom_php_resync_command>
+ sync_package_snort();
+ </custom_php_resync_command>
+</packagegui>
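Review bot: sync_package_snort() builds its interface list from `$_POST['interface_array']`, but the same function is also wired to `custom_php_resync_command`, where no form post may be present; the foreach would then have nothing to iterate and snort.sh would be written without any `-i` argument, so reading the selection from the package's saved configuration would cover both call paths. `$ifaces_final` is never initialised before the `.=` and `$first` is assigned but never read. Each interface name is concatenated into a start command that is written to an rc script, and whether convert_friendly_interface_to_real_interface_name() rejects unrecognised values is not visible in this hunk, so I would quote the value: `$ifaces_final = "";` before the loop and `$ifaces_final .= " -i " . escapeshellarg($if);` inside it. The `<service>` element also appears twice in the file with identical content, and the stop command mixes `/usr/bin/killall` with a bare `killall`.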