From 01bfd5a0ef9a057149f933b6fcbea377cfc32687 Mon Sep 17 00:00:00 2001 From: robiscool Date: Tue, 6 Apr 2010 20:18:51 -0700 Subject: snort, add snort-old deinstall xml, fix vlan --- config/snort/snort.inc | 53 ++++++++++++++++----------- config/snort/snort_barnyard.php | 2 +- config/snort/snort_check_for_rule_updates.php | 2 +- config/snort/snort_define_servers.php | 2 +- config/snort/snort_download_rules.php | 2 +- config/snort/snort_interfaces.php | 12 +++--- config/snort/snort_interfaces_edit.php | 8 ++-- config/snort/snort_interfaces_global.php | 6 +-- config/snort/snort_preprocessors.php | 2 +- config/snort/snort_rules.php | 2 +- config/snort/snort_rules_edit.php | 2 +- config/snort/snort_rulesets.php | 2 +- pkg_config.7.xml | 2 +- pkg_config.8.xml | 2 +- 14 files changed, 53 insertions(+), 46 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 5a967f3d..d4af6b85 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -67,7 +67,7 @@ $pfsense_theme_is = $config['theme']; /* use ob_clean to clear output buffer, this code needs to be watched */ ob_clean(); - $snort_up_prell = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}_{$if_real}\" | awk '{print \$1;}'", $retval); + $snort_up_prell = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}{$if_real}\" | awk '{print \$1;}'", $retval); if ($snort_up_prell != "") { $snort_uph = 'yes'; @@ -113,7 +113,7 @@ $pfsense_theme_is = $config['theme']; function Running_Stop($snort_uuid, $if_real, $id) { global $config; - $start_up_pre = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}_{$if_real}\" | awk '{print \$1;}'"); + $start_up_pre = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}{$if_real}\" | awk '{print \$1;}'"); $start_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); $start_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); @@ -158,7 +158,7 @@ $pfsense_theme_is = $config['theme']; $snort_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['enable']; if ($snort_info_chk == 'on') { - exec("/usr/local/bin/snort -u snort -g snort -R \"{$snort_uuid}_{$if_real}\" -D -q -l /var/log/snort -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}"); + exec("/usr/local/bin/snort -u snort -g snort -R \"{$snort_uuid}{$if_real}\" -D -q -l /var/log/snort -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}"); } /* define snortbarnyardlog_chk */ /* top will have trouble if the uuid is to far back */ @@ -177,7 +177,7 @@ function convert_friendly_interface_to_real_interface_name2($interface) { global $config; - $lc_interface = strtolower($interface); + $lc_interface = strtolower($interface); if($lc_interface == "lan") return $config['interfaces']['lan']['if']; if($lc_interface == "wan") return $config['interfaces']['wan']['if']; $ifdescrs = array(); @@ -194,7 +194,7 @@ function convert_friendly_interface_to_real_interface_name2($interface) return $interface; } -$if_real_wan = convert_friendly_interface_to_real_interface_name2($interface_fake); +//$if_real_wan = convert_friendly_interface_to_real_interface_name2($interface_fake); /* Allow additional execution time 0 = no limit. */ ini_set('max_execution_time', '9999'); @@ -323,6 +323,16 @@ function snort_postinstall() /* back to default */ chdir ("/root/"); + /* make sure snort-pld is deinstalled */ + /* remove when snort-old is removed */ + unset($config['installedpackages']['snort']); + unset($config['installedpackages']['snortdefservers']); + unset($config['installedpackages']['snortwhitelist']); + unset($config['installedpackages']['snortthreshold']); + unset($config['installedpackages']['snortadvanced']); + write_config(); + conf_mount_rw(); + conf_mount_ro(); } @@ -595,7 +605,7 @@ class array_ereg { $id += 1; $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface']; - $if_real = convert_friendly_interface_to_real_interface_name($result_lan); + $if_real = convert_friendly_interface_to_real_interface_name2($result_lan); $snort_rules_list[] = "snort_$id$if_real"; @@ -659,7 +669,7 @@ if ($id != '' && $if_real != '') //new $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface']; - $if_real = convert_friendly_interface_to_real_interface_name($result_lan); + $if_real = convert_friendly_interface_to_real_interface_name2($result_lan); /* create snort configuration file */ create_snort_conf($id, $if_real, $snort_uuid); @@ -706,7 +716,7 @@ function sync_snort_package_empty() $id += 1; $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface']; - $if_real = convert_friendly_interface_to_real_interface_name($result_lan); + $if_real = convert_friendly_interface_to_real_interface_name2($result_lan); $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; if ($if_real != '' && $snort_uuid != '') { @@ -758,7 +768,7 @@ function sync_snort_package_config() $id += 1; $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface']; - $if_real = convert_friendly_interface_to_real_interface_name($result_lan); + $if_real = convert_friendly_interface_to_real_interface_name2($result_lan); $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; if ($if_real != '' && $snort_uuid != '') { @@ -808,7 +818,7 @@ function create_snort_sh() $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface']; - $if_real = convert_friendly_interface_to_real_interface_name($result_lan); + $if_real = convert_friendly_interface_to_real_interface_name2($result_lan); /* define snortbarnyardlog_chk */ $snortbarnyardlog_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_enable']; @@ -824,7 +834,7 @@ $snort_sh_text2[] = << /tmp/snort.sh.pid @@ -832,7 +842,7 @@ $snort_sh_text2[] = << @@ -361,7 +361,7 @@ padding: 15px 10px 50% 50px; /* convert fake interfaces to real and check if iface is up */ /* There has to be a smarter way to do this */ - $if_real = convert_friendly_interface_to_real_interface_name($natent['interface']); + $if_real = convert_friendly_interface_to_real_interface_name2($natent['interface']); $snort_uuid = $natent['uuid']; $tester2 = Running_Ck($snort_uuid, $if_real, $id); diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index dddca3af..cba0cc8a 100644 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -74,7 +74,7 @@ while ($snort_uuid > 65535 || $snort_uuid == 0) { } /* convert fake interfaces to real */ -$if_real = convert_friendly_interface_to_real_interface_name($a_nat[$id]['interface']); +$if_real = convert_friendly_interface_to_real_interface_name2($a_nat[$id]['interface']); if ($config['installedpackages']['snortglobal']['rule'][$id]['uuid'] != '') { $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; @@ -162,7 +162,7 @@ $d_snortconfdirty_path = "/var/run/snort_conf_{$snort_uuid}_{$if_real}.dirty"; write_config(); - $if_real = convert_friendly_interface_to_real_interface_name($a_nat[$id]['interface']); + $if_real = convert_friendly_interface_to_real_interface_name2($a_nat[$id]['interface']); sync_snort_package_all($id, $if_real, $snort_uuid); sync_snort_package(); @@ -202,7 +202,7 @@ if ($_POST["Submit"]) { $id_c += 1; $result_lan = $config['installedpackages']['snortglobal']['rule'][$id_c]['interface']; - $if_real = convert_friendly_interface_to_real_interface_name($result_lan); + $if_real = convert_friendly_interface_to_real_interface_name2($result_lan); if ($_POST['interface'] == $result_lan) { $input_errors[] = "Interface $result_lan is in use. Please select another interface."; @@ -457,7 +457,7 @@ if ($a_nat[$id]['interface'] != '') { //print_r($if_array); if($if_array) { foreach($if_array as $iface2) { - $if2 = convert_friendly_interface_to_real_interface_name($iface2); + $if2 = convert_friendly_interface_to_real_interface_name2($iface2); if($config['interfaces'][$iface2]['ipaddr'] == "pppoe") { $if2 = "ng0"; diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 648b5bda..3c487ce0 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -369,11 +369,7 @@ include("head.inc"); - + diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index cb00099e..0d7fdde3 100644 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -119,7 +119,7 @@ if (isset($_GET['dup'])) } /* convert fake interfaces to real */ -$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']); +$if_real = convert_friendly_interface_to_real_interface_name2($pconfig['interface']); $snort_uuid = $pconfig['uuid']; diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index c95d76ca..b5fa2fb2 100644 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -52,7 +52,7 @@ if (isset($id) && $a_nat[$id]) { } /* convert fake interfaces to real */ -$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']); +$if_real = convert_friendly_interface_to_real_interface_name2($pconfig['interface']); $iface_uuid = $a_nat[$id]['uuid']; diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php index b770867f..759193c8 100644 --- a/config/snort/snort_rules_edit.php +++ b/config/snort/snort_rules_edit.php @@ -65,7 +65,7 @@ if (isset($id) && $a_nat[$id]) { } /* convert fake interfaces to real */ -$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']); +$if_real = convert_friendly_interface_to_real_interface_name2($pconfig['interface']); $file = $_GET['openruleset']; diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 0a726a76..d232c097 100644 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -55,7 +55,7 @@ if (isset($id) && $a_nat[$id]) { } /* convert fake interfaces to real */ -$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']); +$if_real = convert_friendly_interface_to_real_interface_name2($pconfig['interface']); $iface_uuid = $a_nat[$id]['uuid']; diff --git a/pkg_config.7.xml b/pkg_config.7.xml index 466608db..4e541869 100755 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml @@ -359,7 +359,7 @@ mysql-client-5.1.44_1.tbz snort-2.8.5.3.tbz http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.5.3 pkg v. 1.19 + 2.8.5.3 pkg v. 1.20 1.2.3 Stable /snort.xml diff --git a/pkg_config.8.xml b/pkg_config.8.xml index a0c9174a..05297cc0 100755 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -245,7 +245,7 @@ mysql-client-5.1.45.tbz snort-2.8.5.3.tbz http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.5.3 pkg v. 1.19 + 2.8.5.3 pkg v. 1.20 2.0 Stable /snort.xml -- cgit v1.2.3