From b94a6d1c79ddcb6ae258e0e2547e078b17262a37 Mon Sep 17 00:00:00 2001 From: Ermal Date: Fri, 6 Jul 2012 21:36:08 +0000 Subject: Generalize the version of snort used allover in the code. Thank you to http://forum.pfsense.org/index.php/topic,51217.0.html --- config/snort/snort.inc | 7 +++++-- config/snort/snort.xml | 4 ++-- config/snort/snort_check_for_rule_updates.php | 12 ++++++------ config/snort/snort_download_rules.php | 13 ++++++------- 4 files changed, 19 insertions(+), 17 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index b07a2572..277ec5e7 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -37,8 +37,11 @@ require_once("functions.inc"); require_once("filter.inc"); /* package version */ -$snort_package_version = 'Snort 2.9.2.3 pkg v. 2.2.2'; -$snort_rules_file = "snortrules-snapshot-2922.tar.gz"; +$snort_version = "2.9.2.3"; +$pfSense_snort_version = "2.2.2"; +$snort_package_version = "Snort {$snort_version} pkg v. {$pfSense_snort_version}"; +$snort_rules_file = "snortrules-snapshot-2923.tar.gz"; +$emerging_threats_version = "2.9.0"; /* Allow additional execution time 0 = no limit. */ ini_set('max_execution_time', '9999'); diff --git a/config/snort/snort.xml b/config/snort/snort.xml index fbd2cf8e..e320e893 100644 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -46,8 +46,8 @@ Describe your package requirements here Currently there are no FAQ items provided. Snort - 2.9.0.5 - Services:2.9.0.5 pkg v. 2.0 + 2.9.2.3 + Services:2.9.2.3 pkg v. 2.2.2 /usr/local/pkg/snort/snort.inc Snort diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index c62aea32..f9b9ff69 100644 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -129,7 +129,7 @@ if ($emergingthreats == 'on') { update_status(gettext("Downloading emergingthreats md5 file...")); ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)'); // $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/version.txt"); - $image = @file_get_contents('http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz.md5'); + $image = @file_get_contents('http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz.md5'); @file_put_contents("{$tmpfname}/{$emergingthreats_filename_md5}", $image); update_status(gettext("Done downloading emergingthreats md5")); } @@ -266,7 +266,7 @@ if ($emergingthreats == "on") }else{ update_status(gettext("There is a new set of Emergingthreats rules posted. Downloading...")); update_output_window(gettext("May take 4 to 10 min...")); - download_file_with_progress_bar('http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz', "{$tmpfname}/{$emergingthreats_filename}"); + download_file_with_progress_bar('http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz', "{$tmpfname}/{$emergingthreats_filename}"); update_status(gettext('Done downloading Emergingthreats rules file.')); log_error("Emergingthreats rules file update downloaded succsesfully"); } @@ -337,11 +337,11 @@ if ($snortdownload == 'on') /* extract so rules */ exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/'); if($snort_arch == 'x86'){ - exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/"); - exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/* /usr/local/lib/snort/dynamicrules/"); + exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/"); + exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/* /usr/local/lib/snort/dynamicrules/"); } else if ($snort_arch == 'x64') { - exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/"); - exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/* /usr/local/lib/snort/dynamicrules/"); + exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/"); + exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/* /usr/local/lib/snort/dynamicrules/"); } /* extract so rules none bin and rename */ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" . diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php index 6c3fb71c..255aeb07 100644 --- a/config/snort/snort_download_rules.php +++ b/config/snort/snort_download_rules.php @@ -181,7 +181,7 @@ if ($emergingthreats == 'on') update_status(gettext("Downloading emergingthreats md5 file...")); ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)'); // $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/version.txt"); - $image = @file_get_contents('http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz.md5'); + $image = @file_get_contents('http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz.md5'); @file_put_contents("{$tmpfname}/{$emergingthreats_filename_md5}", $image); update_status(gettext("Done downloading emergingthreats md5")); } @@ -325,7 +325,7 @@ if ($emergingthreats == "on") }else{ update_status(gettext("There is a new set of Emergingthreats rules posted. Downloading...")); update_output_window(gettext("May take 4 to 10 min...")); - download_file_with_progress_bar('http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz', "{$tmpfname}/{$emergingthreats_filename}"); + download_file_with_progress_bar('http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz', "{$tmpfname}/{$emergingthreats_filename}"); update_status(gettext('Done downloading Emergingthreats rules file.')); log_error("Emergingthreats rules file update downloaded succsesfully"); } @@ -399,12 +399,11 @@ if ($snortdownload == 'on') /* extract so rules */ exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/'); if($snort_arch == 'x86') { - exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/"); - exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/"); - exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.9.0.5/* /usr/local/lib/snort/dynamicrules/"); + exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/"); + exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/{$snort_version}/* /usr/local/lib/snort/dynamicrules/"); } else if ($snort_arch == 'x64') { - exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/"); - exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/x86-64/2.9.0.5/* /usr/local/lib/snort/dynamicrules/"); + exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/"); + exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/x86-64/{$snort_version}/* /usr/local/lib/snort/dynamicrules/"); } /* extract so rules none bin and rename */ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" . -- cgit v1.2.3