From 90ef97fb7c7e716ab46c9d187add50a7bd0dbd77 Mon Sep 17 00:00:00 2001
From: robiscool
Date: Thu, 26 Aug 2010 00:05:33 -0700
Subject: snort, update binaries for 1.2.3 x86, 2.0 x86, x64, update rule files to match.
---
config/snort/bin/7.2.x86/barnyard2 | Bin 715041 -> 0 bytes
config/snort/bin/7.3.x86/barnyard2 | Bin 0 -> 862409 bytes
config/snort/bin/8.0.x86/barnyard2 | Bin 849388 -> 0 bytes
config/snort/bin/8.0.x86/md5_files | 9 ---------
config/snort/bin/8.0.x86/md5_files~ | 9 ---------
config/snort/bin/8.1x64/barnyard2 | Bin 0 -> 984834 bytes
config/snort/bin/8.1x86/barnyard2 | Bin 0 -> 849805 bytes
config/snort/snort.inc | 25 +++++++++++++++++++++----
config/snort/snort_download_rules.php | 8 ++++----
pkg_config.7.xml | 12 ++++++------
pkg_config.8.xml | 12 ++++++------
pkg_config.8.xml.amd64 | 9 ++++++++-
12 files changed, 45 insertions(+), 39 deletions(-)
delete mode 100644 config/snort/bin/7.2.x86/barnyard2
create mode 100644 config/snort/bin/7.3.x86/barnyard2
delete mode 100755 config/snort/bin/8.0.x86/barnyard2
delete mode 100644 config/snort/bin/8.0.x86/md5_files
delete mode 100644 config/snort/bin/8.0.x86/md5_files~
create mode 100644 config/snort/bin/8.1x64/barnyard2
create mode 100644 config/snort/bin/8.1x86/barnyard2
diff --git a/config/snort/bin/7.2.x86/barnyard2 b/config/snort/bin/7.2.x86/barnyard2
deleted file mode 100644
index 9266051c..00000000
Binary files a/config/snort/bin/7.2.x86/barnyard2 and /dev/null differ
diff --git a/config/snort/bin/7.3.x86/barnyard2 b/config/snort/bin/7.3.x86/barnyard2
new file mode 100644
index 00000000..df78449d
Binary files /dev/null and b/config/snort/bin/7.3.x86/barnyard2 differ
diff --git a/config/snort/bin/8.0.x86/barnyard2 b/config/snort/bin/8.0.x86/barnyard2
deleted file mode 100755
index 43476338..00000000
Binary files a/config/snort/bin/8.0.x86/barnyard2 and /dev/null differ
diff --git a/config/snort/bin/8.0.x86/md5_files b/config/snort/bin/8.0.x86/md5_files
deleted file mode 100644
index 3b283d80..00000000
--- a/config/snort/bin/8.0.x86/md5_files +++ /dev/null @@ -1,9 +0,0 @@ -#For Freebsd 8.0 - - -MD5 (pcre-8.00.tbz) = 8a1ac82500efccefc6418856e27b6cc1 -MD5 (snort-2.8.5.3.tbz) = 826c15872c6d19bcbe2408fb34d165b9 -MD5 (perl-5.10.1.tbz) = f71020a8bd0f197c9bf70eb6d03b92af -MD5 (mysql-client-5.1.45.tbz) = 9cb5878ae922c3d4d0e31efe5712a90a -MD5 (barnyard2) = 4dbff13291a2b8c5018b7ab62f574bc8 - diff --git a/config/snort/bin/8.0.x86/md5_files~ b/config/snort/bin/8.0.x86/md5_files~ deleted file mode 100644 index 3b283d80..00000000 --- a/config/snort/bin/8.0.x86/md5_files~ +++ /dev/null @@ -1,9 +0,0 @@ -#For Freebsd 8.0 - - -MD5 (pcre-8.00.tbz) = 8a1ac82500efccefc6418856e27b6cc1 -MD5 (snort-2.8.5.3.tbz) = 826c15872c6d19bcbe2408fb34d165b9 -MD5 (perl-5.10.1.tbz) = f71020a8bd0f197c9bf70eb6d03b92af -MD5 (mysql-client-5.1.45.tbz) = 9cb5878ae922c3d4d0e31efe5712a90a -MD5 (barnyard2) = 4dbff13291a2b8c5018b7ab62f574bc8 - diff --git a/config/snort/bin/8.1x64/barnyard2 b/config/snort/bin/8.1x64/barnyard2 new file mode 100644 index 00000000..3416c814 Binary files /dev/null and b/config/snort/bin/8.1x64/barnyard2 differ diff --git a/config/snort/bin/8.1x86/barnyard2 b/config/snort/bin/8.1x86/barnyard2 new file mode 100644 index 00000000..07e1069f Binary files /dev/null and b/config/snort/bin/8.1x86/barnyard2 differ diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 55f6c045..2f90f385 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -37,7 +37,7 @@ require_once("functions.inc"); require_once("filter.inc"); /* package version */ -$snort_package_version = 'Snort 2.8.6 pkg v. 1.33'; +$snort_package_version = 'Snort 2.8.6.1 pkg v. 1.33'; /* find out if were in 1.2.3-RELEASE */ $pfsense_ver_chk = exec('/bin/cat /etc/version'); 
@@ -48,6 +48,18 @@ if ($pfsense_ver_chk == '1.2.3-RELEASE') $pfsense_stable = 'no'; } +/* find out what arch where in x86 , x64 */ +/* TODO: should be more clear in this code */ +if ($pfsense_stable == 'no') { + $snort_arch_ck = ''; + exec('uname -m', $snort_arch_ck); + if($snort_arch_ck[0] == 'i386') { + $snort_arch = 'x86'; + }else{ + $snort_arch = 'x64'; + } +} + /* tell me my theme */ $pfsense_theme_is = $config['theme']; @@ -627,13 +639,18 @@ function snort_postinstall() exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/sortableTable.js'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/row_helper.js'); - /* install barnyard2 for 2.0 and 1.2.3 */ + /* install barnyard2 for 2.0 x86 x64 and 1.2.3 x86 */ chdir ("/usr/local/bin/"); if ($pfsense_stable == 'yes') { - exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/7.2.x86/barnyard2'); + exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/7.3.x86/barnyard2'); }else{ - exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/8.0.x86/barnyard2'); + if ($snort_arch == 'x86') { + exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/8.1x86/barnyard2'); + }else{ + exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/bin/8.1x64/barnyard2'); + } } + exec('/bin/chmod 755 /usr/local/bin/barnyard2'); /* back to default */ diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php index 646f45f1..bb71e049 100644 --- a/config/snort/snort_download_rules.php +++ b/config/snort/snort_download_rules.php 
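Review bot: `$snort_arch` is assigned here at file scope, but the later snort.inc hunk reads it inside `snort_postinstall()`; unless that function already names it in a `global` statement (its opening lines are outside the diff, and no hunk adds one), the comparison there sees an unset variable and always takes the x64 branch. The detection itself treats every `uname -m` value other than `i386` as x64, reads `$snort_arch_ck[0]` without checking that exec() produced any output, and leaves `$snort_arch` undefined when `$pfsense_stable` is 'yes'. I would set a default before the `if` and match the 64-bit value explicitly, e.g. `$snort_arch = 'x86';` then `if (isset($snort_arch_ck[0]) && $snort_arch_ck[0] == 'amd64') { $snort_arch = 'x64'; }`, and add `global $snort_arch;` at the top of `snort_postinstall()`.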
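Review bot: The barnyard2 binaries in the `snort_postinstall()` hunk are fetched over plain `http://` and made executable with `chmod 755` without any integrity check, and this same commit deletes the `md5_files` checksum lists from the tree. Anyone able to alter the response in transit, or the file on the mirror, ends up with their code installed in `/usr/local/bin/` on the firewall. I would pin a digest per binary in the package and compare it before the chmod, e.g. `if (hash_file('sha256', '/usr/local/bin/barnyard2') !== $barnyard2_sha256) { unlink('/usr/local/bin/barnyard2'); }`, where `$barnyard2_sha256` is a placeholder for the pinned value. The exit status of each `fetch` should also be checked so a failed download is not followed by the chmod of whatever file was there before. `snort_postinstall()` begins and ends outside the hunk.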
@@ -39,8 +39,8 @@ require_once("/usr/local/pkg/snort/snort.inc"); $tmpfname = "/usr/local/etc/snort/tmp/snort_rules_up"; $snortdir = "/usr/local/etc/snort"; $snortdir_wan = "/usr/local/etc/snort"; -$snort_filename_md5 = "snortrules-snapshot-2860.tar.gz.md5"; -$snort_filename = "snortrules-snapshot-2860.tar.gz"; +$snort_filename_md5 = "snortrules-snapshot-2861.tar.gz.md5"; +$snort_filename = "snortrules-snapshot-2861.tar.gz"; $emergingthreats_filename_md5 = "version.txt"; $emergingthreats_filename = "emerging.rules.tar.gz"; $pfsense_rules_filename_md5 = "pfsense_rules.tar.gz.md5"; @@ -527,9 +527,9 @@ if ($snortdownload == 'on') sleep(2); exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules'); /* extract so rules */ - exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/"); + exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.1/"); exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/'); - exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/* /usr/local/lib/snort/dynamicrules/"); + exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.1/* /usr/local/lib/snort/dynamicrules/"); /* extract so rules none bin and rename */ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" . " so_rules/chat.rules/" . diff --git a/pkg_config.7.xml b/pkg_config.7.xml index fa97085b..2a7b94a8 100755 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml 
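Review bot: The shared-object rule paths in the second hunk still hard-code `i386`, so on the 64-bit installs this commit starts to support, the 32-bit precompiled rules are what get moved into `/usr/local/lib/snort/dynamicrules/`, where Snort presumably cannot load them. The release string `2.8.6.1` is also repeated in both paths and, as `2861`, in the two snapshot file names of the first hunk, so every bump has to touch four lines. I would derive both from variables, e.g. `$snort_rules_ver = '2.8.6.1';` and `$snort_so_arch = ($snort_arch == 'x64') ? $so_dir_x64 : 'i386';`, and build the tar and mv paths from them; `$so_dir_x64` is a placeholder for the 64-bit directory name, to be confirmed against the snapshot tarball. The enclosing `if ($snortdownload == 'on')` block starts and ends outside the hunk.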
@@ -404,13 +404,13 @@ http://www.snort.org Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Security - http://www.pfsense.com/packages/config/snort/bin/7.2.x86/ - pcre-8.02.tbz - perl-5.10.1.tbz - mysql-client-5.1.44_1.tbz - snort-2.8.6_1.tbz + http://www.pfsense.com/packages/config/snort/bin/7.3.x86/ + pcre-8.10.tbz + perl-threaded-5.12.1_1.tbz + mysql-client-5.1.50_1.tbz + snort-2.8.6.1.tbz http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.6 pkg v. 1.33 + 2.8.6.1 pkg v. 1.33 1.2.3 Stable /snort.xml diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 5948c5fd..e17e221b 100755 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -290,17 +290,17 @@ http://www.snort.org Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Security - http://www.pfsense.com/packages/config/snort/bin/8.0.x86/ - pcre-8.02.tbz - perl-5.10.1.tbz - mysql-client-5.1.45.tbz - snort-2.8.6_1.tbz + http://www.pfsense.com/packages/config/snort/bin/8.1x86/ + pcre-8.10.tbz + perl-threaded-5.12.1_1.tbz + mysql-client-5.1.50_1.tbz + snort-2.8.6.1.tbz /usr/ports/devel/pcre /usr/ports/lang/perl5.10 /usr/ports/databases/mysql51-client /usr/ports/security/snort http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.6 pkg v. 1.33 + 2.8.6.1 pkg v. 1.33 2.0 Stable /snort.xml diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 3860feee..04283874 100755 --- a/pkg_config.8.xml.amd64 
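Review bot: The pkg_config.8.xml hunk switches the Perl dependency to `perl-threaded-5.12.1_1.tbz` but leaves the port path at `/usr/ports/lang/perl5.10`, so a rebuild from ports would presumably produce a different Perl from the one the package list names. The same mismatch is in pkg_config.8.xml.amd64, where the unchanged build options also carry `WITHOUT_THREADS=true` next to the threaded package. I would point the path at the port the 5.12 package is built from, and drop or flip the threads option, in both files.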
+++ b/pkg_config.8.xml.amd64 @@ -307,10 +307,17 @@ http://www.snort.org Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Security +<<<<<<< HEAD http://www.pfsense.com/packages/config/snort/bin/8.0.x86/ pcre-8.02.tbz perl-5.10.1_2.tbz mysql-client-5.0.90.tbz +======= + http://www.pfsense.com/packages/config/snort/bin/8.1x64/ + pcre-8.10.tbz + perl-threaded-5.12.1_1.tbz + mysql-client-5.1.50_1.tbz +>>>>>>> snort, update binaries for 1.2.3 x86, 2.0 x86, x64, update rule files to match. snort-2.8.6.1.tbz /usr/ports/devel/pcre /usr/ports/lang/perl5.10 @@ -318,7 +325,7 @@ /usr/ports/security/snort WITHOUT_DEBUGGING=true WITHOUT_GDBM=true WITHOUT_PERL_MALLOC=true WITH_PERL_64BITINT=true WITHOUT_THREADS=true WITHOUT_MULTIPLICITY=true WITHOUT_SUIDPERL=true WITHOUT_SITECUSTOMIZE=true WITH_USE_PERL=true http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.6 pkg v. 1.31 + 2.8.6.1 pkg v. 1.33 2.0 Stable /snort.xml -- cgit v1.2.3
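Review bot: The first pkg_config.8.xml.amd64 hunk commits unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> snort, update binaries …`) as added lines, leaving both sides of the conflict in the file. The file is no longer well-formed XML, and the old `8.0.x86` dependency block sits next to the new `8.1x64` one, so the amd64 package list will likely fail to parse or still offer the 32-bit packages. Remove the three marker lines and the four HEAD-side lines (`…/snort/bin/8.0.x86/`, `pcre-8.02.tbz`, `perl-5.10.1_2.tbz`, `mysql-client-5.0.90.tbz`) so that only the `8.1x64` block remains.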