aboutsummaryrefslogtreecommitdiffstats
path: root/packages/snort/snort.inc
Commit message (Collapse)AuthorAgeFilesLines
* Reduce false positives. See ↵Scott Ullrich2007-07-071-1/+1
| | | | http://forum.pfsense.org/index.php/topic,3616.0/topicseen.html
* Tighten the home net checks trying to eliminte blank entries that can lead ↵Scott Ullrich2007-05-071-2/+5
| | | | to ,/,
* Tighten the home net checks trying to eliminte blank entries that can lead ↵Scott Ullrich2007-05-071-4/+8
| | | | to ,/,
* Do not add sparious ,Scott Ullrich2007-03-171-1/+2
| | | | Submitted-by: Ying Wong ying_AT_apdir.com
* Correct portscan preprocessor settings. WAN Gateway, DNS servers, and ↵Scott Dale2007-02-221-10/+19
| | | | loopback address are not automatically inserted in $HOME_NET. Removed redundant code that was inserting local IPs twice into $HOME_NET.
* Removed the flow-portscan preprocessor and inserted the sfportscan ↵Scott Dale2007-02-211-25/+8
| | | | preprocessor. Flow-portscan has been deprecated from Snort.
* Make sure snort is deinstalled correctlyScott Ullrich2007-02-111-0/+3
| | | | Ticket #1252
* Add snort advanced pass thrrough configurationScott Ullrich2007-01-281-0/+5
|
* Trim home netScott Ullrich2007-01-261-1/+1
| | | | Ticket #1232
* s/=/==/Scott Ullrich2007-01-191-1/+1
| | | | Ticket #1208
* Stop snort on deinstall.Scott Ullrich2006-12-111-0/+3
|
* * ensure /var/log/snort existsScott Ullrich2006-12-061-0/+5
| | | | * ensure /var/log/snort/alert exists
* make $HOME_NET work for multiple IPsBill Marquette2006-11-021-1/+6
|
* filter out grep from resultsScott Ullrich2006-10-301-1/+1
|
* Cleanup sampling code. Don't forget to escape \$ awk variable.Scott Ullrich2006-10-301-1/+7
|
* When no interface is selected, do not error out.Scott Ullrich2006-10-281-8/+9
| | | | Ticket #1155
* Sample actual snort memory usage as well as system free measurements.Scott Ullrich2006-10-261-1/+1
|
* Woops, this is overall free system memory, not usage.Scott Ullrich2006-10-261-1/+1
|
* Note the snort performance mode on startupScott Ullrich2006-10-261-1/+7
|
* s/SnortMemory/SnortStartup/Scott Ullrich2006-10-261-1/+1
|
* Wait 17 seconds after snort bringup to take after starting memory samplingScott Ullrich2006-10-261-1/+1
|
* Take a memory sampling before and after starting snort. Report this ↵Scott Ullrich2006-10-261-2/+2
| | | | information in the system logs so the Operator can guage how much ram Snort is using
* Issue BPF changes correctlyScott Ullrich2006-10-261-0/+8
|
* Cache page when needed.Scott Ullrich2006-10-111-3/+0
|
* Only read in snort alert file if it exists.Scott Ullrich2006-10-101-1/+4
|
* Change name to SnortAdvanced and do now whipe out primary tabs settings.Scott Ullrich2006-10-081-3/+3
|
* Sync package on advanced tab saveScott Ullrich2006-10-081-1/+1
|
* * Add snort advanced tab that allows tuning of bpf valuesScott Ullrich2006-10-081-4/+18
| | | | * Remove hard coded BPF assumptions
* * Correct minor variable scope bugScott Ullrich2006-10-081-0/+1
| | | | * Add associate snort alert to ip option (handy for large snort installations)
* * Add snort cache that will cache the ip -> alert mappingsScott Ullrich2006-10-081-2/+39
| | | | * Add knob to turn off clickable urls in the snort alert tabs (handy for someone with thousands of alerts)
* Make snort alerts clickableScott Ullrich2006-10-071-0/+10
|
* Add function description, remove trailing whitespace at end of fileScott Ullrich2006-10-071-20/+1
|
* CACHE /var/log/snort/alert in between callsScott Ullrich2006-10-071-2/+6
|
* Woops, reverse the numbers.Scott Ullrich2006-10-071-2/+2
|
* Associate snort blocked events with their alert description if availableScott Ullrich2006-10-071-0/+33
|
* Add automatic whitelist feature for VPNsScott Ullrich2006-10-061-3/+16
|
* Add a few more commentsScott Ullrich2006-10-061-7/+22
|
* * Cleanup on deinstallScott Ullrich2006-10-061-0/+14
| | | | * Increase net.bpf.bufsize to 20480
* Call sync_package_snort_reinstall() on install.Scott Ullrich2006-10-051-2/+12
|
* Do not exit when opening for writing fails, simply return.Scott Ullrich2006-10-031-1/+1
|
* Woops, thats a variable, so it requires a $Scott Ullrich2006-10-031-1/+1
|
* Writeout whitelist with a foreach, ensure that no stray spaces are present.Scott Ullrich2006-10-031-1/+5
|
* Teach snort to use newer package plugin methodsScott Ullrich2006-10-011-8/+6
|
* Use conf_mount_rw() and conf_mount_ro()Scott Ullrich2006-09-301-0/+7
|
* Pass $HOME_NET to snortScott Ullrich2006-09-271-2/+2
|
* Woops, dont allow for run-on commands.Scott Ullrich2006-09-271-1/+1
|
* * Ensure that only one snort2c is runningScott Ullrich2006-09-271-1/+2
| | | | * Ignore items in the whitelist from port scanning
* Do not include pppoe or dhcp entriesScott Ullrich2006-09-271-1/+2
|
* Resolve pppoe and dhcp ip addressesScott Ullrich2006-09-271-1/+7
|
* Make console text friendlerScott Ullrich2006-09-271-16/+34
|