From a39d18d35f155660bcba150985a330285d6df6cf Mon Sep 17 00:00:00 2001
From: robiscool <robrob2626@yahoo.com>
Date: Tue, 6 Oct 2009 15:13:43 -0700
Subject: snort snort-dev, do not clear snort2c table on filter reloads, add
 icmp packets

---
 config/snort-dev/snort.inc                   | 5 ++---
 config/snort-dev/snort.xml                   | 4 ++--
 config/snort-dev/snort_dynamic_ip_reload.php | 6 +++---
 config/snort/snort.inc                       | 5 ++---
 config/snort/snort.xml                       | 4 ++--
 config/snort/snort_dynamic_ip_reload.php     | 6 +++---
 pkg_config.7.xml                             | 6 +++---
 7 files changed, 17 insertions(+), 19 deletions(-)

diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc
index 7320db00..575192b9 100644
--- a/config/snort-dev/snort.inc
+++ b/config/snort-dev/snort.inc
@@ -1184,15 +1184,14 @@ preprocessor frag3_engine: policy first
 preprocessor frag3_engine: policy bsd detect_anomalies
 
 preprocessor stream5_global: max_tcp 8192, track_tcp yes, \
-track_udp yes 
-# track_icmp yes
+track_udp yes, track_icmp yes
 preprocessor stream5_tcp: bind_to any, policy windows
 preprocessor stream5_tcp: bind_to any, policy linux
 preprocessor stream5_tcp: bind_to any, policy vista
 preprocessor stream5_tcp: bind_to any, policy macos
 preprocessor stream5_tcp: policy BSD, ports both all, use_static_footprint_sizes
 preprocessor stream5_udp
-# preprocessor stream5_icmp
+preprocessor stream5_icmp
 
 ##########################
                          #
diff --git a/config/snort-dev/snort.xml b/config/snort-dev/snort.xml
index a6f2ffa1..fc32ceb9 100644
--- a/config/snort-dev/snort.xml
+++ b/config/snort-dev/snort.xml
@@ -46,8 +46,8 @@
     <requirements>Describe your package requirements here</requirements>
     <faq>Currently there are no FAQ items provided.</faq>
 	<name>Snort</name>
-	<version>2.8.4.1_3</version>
-	<title>Services: Snort 2.8.4.1_3 pkg v. 1.7 alpha</title>
+	<version>2.8.4.1_5</version>
+	<title>Services: Snort 2.8.4.1_5 pkg v. 1.7 alpha</title>
 	<include_file>/usr/local/pkg/snort.inc</include_file>
 	<menu>
 		<name>Snort</name>
diff --git a/config/snort-dev/snort_dynamic_ip_reload.php b/config/snort-dev/snort_dynamic_ip_reload.php
index 7933ba16..0fad085b 100644
--- a/config/snort-dev/snort_dynamic_ip_reload.php
+++ b/config/snort-dev/snort_dynamic_ip_reload.php
@@ -3,7 +3,7 @@
 /* $Id$ */
 /*
 	snort_dynamic_ip_reload.php
-	Copyright (C) 2006 Scott Ullrich
+	Copyright (C) 2006 Scott Ullrich and Robert Zeleya
 	All rights reserved.
 
 	Redistribution and use in source and binary forms, with or without
@@ -29,6 +29,7 @@
 */
 
 /* NOTE: this file gets included from the pfSense filter.inc plugin process */
+/* NOTE: file location /usr/local/pkg/pf, all files in pf dir get exec on filter reloads */
 
 require_once("/usr/local/pkg/snort.inc");
 require_once("service-utils.inc");
@@ -38,12 +39,11 @@ require_once("config.inc");
 if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
    $config['interfaces']['wan']['ipaddr'] == "dhcp") {
 		create_snort_conf();
-		mwexec("/sbin/pfctl -t snort2c -T flush");
 		exec("killall -HUP snort");
 		/* define snortbarnyardlog_chk */
         $snortbarnyardlog_info_chk = $config['installedpackages']['snortadvanced']['config'][0]['snortbarnyardlog'];
         if ($snortbarnyardlog_info_chk == on)
-                exec("/usr/bin/killall barnyard2; /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort -f snort.u2 -w /usr/local/etc/snort/barnyard2.waldo -D -q\n");
+                exec("killall -HUP barnyard2");
 }
 
 ?>
\ No newline at end of file
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 7320db00..575192b9 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -1184,15 +1184,14 @@ preprocessor frag3_engine: policy first
 preprocessor frag3_engine: policy bsd detect_anomalies
 
 preprocessor stream5_global: max_tcp 8192, track_tcp yes, \
-track_udp yes 
-# track_icmp yes
+track_udp yes, track_icmp yes
 preprocessor stream5_tcp: bind_to any, policy windows
 preprocessor stream5_tcp: bind_to any, policy linux
 preprocessor stream5_tcp: bind_to any, policy vista
 preprocessor stream5_tcp: bind_to any, policy macos
 preprocessor stream5_tcp: policy BSD, ports both all, use_static_footprint_sizes
 preprocessor stream5_udp
-# preprocessor stream5_icmp
+preprocessor stream5_icmp
 
 ##########################
                          #
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index 83ac38f0..763f65eb 100644
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -46,8 +46,8 @@
     <requirements>Describe your package requirements here</requirements>
     <faq>Currently there are no FAQ items provided.</faq>
 	<name>Snort</name>
-	<version>2.8.4.1_3</version>
-	<title>Services: Snort 2.8.4.1_3 pkg v. 1.6</title>
+	<version>2.8.4.1_5</version>
+	<title>Services: Snort 2.8.4.1_5 pkg v. 1.6</title>
 	<include_file>/usr/local/pkg/snort.inc</include_file>
 	<menu>
 		<name>Snort</name>
diff --git a/config/snort/snort_dynamic_ip_reload.php b/config/snort/snort_dynamic_ip_reload.php
index 7933ba16..0fad085b 100644
--- a/config/snort/snort_dynamic_ip_reload.php
+++ b/config/snort/snort_dynamic_ip_reload.php
@@ -3,7 +3,7 @@
 /* $Id$ */
 /*
 	snort_dynamic_ip_reload.php
-	Copyright (C) 2006 Scott Ullrich
+	Copyright (C) 2006 Scott Ullrich and Robert Zeleya
 	All rights reserved.
 
 	Redistribution and use in source and binary forms, with or without
@@ -29,6 +29,7 @@
 */
 
 /* NOTE: this file gets included from the pfSense filter.inc plugin process */
+/* NOTE: file location /usr/local/pkg/pf, all files in pf dir get exec on filter reloads */
 
 require_once("/usr/local/pkg/snort.inc");
 require_once("service-utils.inc");
@@ -38,12 +39,11 @@ require_once("config.inc");
 if($config['interfaces']['wan']['ipaddr'] == "pppoe" or
    $config['interfaces']['wan']['ipaddr'] == "dhcp") {
 		create_snort_conf();
-		mwexec("/sbin/pfctl -t snort2c -T flush");
 		exec("killall -HUP snort");
 		/* define snortbarnyardlog_chk */
         $snortbarnyardlog_info_chk = $config['installedpackages']['snortadvanced']['config'][0]['snortbarnyardlog'];
         if ($snortbarnyardlog_info_chk == on)
-                exec("/usr/bin/killall barnyard2; /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort -f snort.u2 -w /usr/local/etc/snort/barnyard2.waldo -D -q\n");
+                exec("killall -HUP barnyard2");
 }
 
 ?>
\ No newline at end of file
diff --git a/pkg_config.7.xml b/pkg_config.7.xml
index e410d926..e2d2790f 100755
--- a/pkg_config.7.xml
+++ b/pkg_config.7.xml
@@ -257,7 +257,7 @@
       <depends_on_package>mysql-client-5.1.34.tbz</depends_on_package>
 	  <depends_on_package>snort-2.8.4.1_1.tbz</depends_on_package>
       <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
-      <version>2.8.4.1_2 pkg v.1.6</version>
+      <version>2.8.4.1_5 pkg v.1.6</version>
       <required_version>1.2.2</required_version>
       <status>Stable</status>
       <configurationfile>snort.xml</configurationfile>
@@ -276,9 +276,9 @@
 	  <depends_on_package>mysql-client-5.1.34.tbz</depends_on_package>
 	  <depends_on_package>snort-2.8.4.1_1.tbz</depends_on_package>
       <config_file>http://www.pfsense.com/packages/config/snort-dev/snort.xml</config_file>
-      <version>2.8.4.1_2 RC5</version>
+      <version>2.8.4.1_5 pkg v.1.7</version>
       <required_version>1.2.2</required_version>
-      <status>Stable</status>
+      <status>alpha</status>
       <configurationfile>snort.xml</configurationfile>
 	  <after_install_info>Please visit the Snort settings tab and enter your oinkid code.   Afterwards visit the update rules tab to download the snort rules.</after_install_info>
     </package>
-- 
cgit v1.2.3