From af0639664b41212ebf02574196525ea0326580cd Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Tue, 3 Feb 2015 11:13:56 -0500 Subject: Fix duplicated cron task bug when saving new time interval. --- config/snort/snort.inc | 13 ++++++++++--- config/snort/snort_post_install.php | 21 +++++++++++++++++++++ 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index bec163d7..16574e77 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -814,7 +814,9 @@ function snort_snortloglimit_install_cron($should_install=TRUE) { if ($should_install && snort_cron_job_exists("/usr/local/pkg/snort/snort_check_cron_misc.inc", TRUE, "*/5")) return; - // Else install the new or updated cron job + // Else install the new or updated cron job by removing the + // existing job first, then installing the new or updated job. + install_cron_job("snort_check_cron_misc.inc", false); install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc", $should_install, "*/5"); } @@ -921,7 +923,9 @@ function snort_rm_blocked_install_cron($should_install) { // Else install the new or updated cron job if ($should_install) { - install_cron_job($command, $should_install, $snort_rm_blocked_min, $snort_rm_blocked_hr, $snort_rm_blocked_mday, $snort_rm_blocked_month, $snort_rm_blocked_wday, "root"); + // Remove the existing job first, then install the new or updated job + install_cron_job("snort2c", false); + install_cron_job($command, true, $snort_rm_blocked_min, $snort_rm_blocked_hr, $snort_rm_blocked_mday, $snort_rm_blocked_month, $snort_rm_blocked_wday, "root"); } } 
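Review bot: The removal added in snort_snortloglimit_install_cron, `install_cron_job("snort_check_cron_misc.inc", false);`, runs only once, so it may not clear a configuration that already holds several copies of the job. The post-install hunk of this commit loops on `snort_cron_job_exists("snort2c", FALSE)` to drain duplicates, which suggests that one call removes one entry, and that loop covers only the snort2c job. The same single removal is added in snort_rm_blocked_install_cron and snort_rules_up_install_cron. If that reading of install_cron_job() is right, extend the post-install cleanup to the other two keys, `snort_check_cron_misc.inc` and `snort_check_for_rule_updates.php`, so stale schedules for the log-limit and rule-update jobs do not keep running. The function body starts outside the hunk.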
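Review bot: The key passed to the new removal in snort_rm_blocked_install_cron, `install_cron_job("snort2c", false);`, is much broader than the job being replaced. `$command` is built outside this hunk, but the short keys used across this commit suggest install_cron_job() matches its first argument as a substring of the stored command. If so, any cron entry that mentions snort2c could be removed, including one added by an administrator or another package. Losing such an entry would silently change how long blocked hosts stay blocked. A key taken from the part of `$command` that only this job contains would be safer; at minimum add a comment such as `// "snort2c" must match only the job built in $command above`.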
@@ -1009,8 +1013,11 @@ function snort_rules_up_install_cron($should_install) { return; // Else install the new or updated cron job - if ($should_install) + if ($should_install) { + // Remove the existing job first, then install the new or updated job + install_cron_job("snort_check_for_rule_updates.php", false); install_cron_job($command, $should_install, $snort_rules_up_min, $snort_rules_up_hr, $snort_rules_up_mday, $snort_rules_up_month, $snort_rules_up_wday, "root"); + } } /* Only run when all ifaces needed to sync. Expects filesystem rw */ diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php index 57e92ce5..bbe7e3e2 100644 --- a/config/snort/snort_post_install.php +++ b/config/snort/snort_post_install.php @@ -115,6 +115,27 @@ if ($pkgid >= 0) { /* Define a default Dashboard Widget Container for Snort */ $snort_widget_container = "snort_alerts-container:col2:close"; +/*********************************************************/ +/* START OF BUG FIX CODE */ +/* */ +/* Remove any Snort cron tasks that may have been left */ +/* from a previous uninstall due to a bug that saved */ +/* edited cron tasks as new ones while still leaving */ +/* the original task. Correct cron task entries will */ +/* be recreated below if saved settings are detected. */ +/*********************************************************/ +$cron_count = 0; +while (snort_cron_job_exists("snort2c", FALSE)) { + install_cron_job("snort2c", false); + $cron_count++; +} +if ($cron_count > 0) + log_error(gettext("[Snort] Removed {$cron_count} duplicate 'remove_blocked_hosts' cron task(s).")); + +/*********************************************************/ +/* END OF BUG FIX CODE */ +/*********************************************************/ + /* remake saved settings */ if ($config['installedpackages']['snortglobal']['forcekeepsettings'] == 'on') { log_error(gettext("[Snort] Saved settings detected... rebuilding installation with saved settings...")); -- cgit v1.2.3 
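Review bot: The cleanup loop `while (snort_cron_job_exists("snort2c", FALSE))` in snort_post_install.php has no upper bound, so post-install never finishes if install_cron_job() fails to remove the entry that snort_cron_job_exists() keeps finding. Both helpers are defined outside this diff and may not match commands the same way. A cap avoids a hung installer: `while ($cron_count < 32 && snort_cron_job_exists("snort2c", FALSE)) {`, where 32 is an arbitrary ceiling. The count also includes the one legitimate task, so the log line overstates the duplicates removed; since it is the only audit trail of this change, "removed N task(s)" would be more accurate. Passing the interpolated `{$cron_count}` to gettext() also makes the message id vary per count, which `sprintf(gettext("... %d ..."), $cron_count)` avoids.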
From 388792a6710deade660a860eb2685e4340bbf274 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Tue, 3 Feb 2015 12:36:03 -0500 Subject: Add checks so empty IP or subnet is not saved to HOME_NET or PASS LIST. --- config/snort/snort.inc | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 16574e77..b9a022fd 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -324,10 +324,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern if (($externallist && $localnet == 'yes') || (!$externallist && (!$whitelist || $localnet == 'yes' || empty($localnet)))) { if (is_ipaddr($snortip)) { if ($snortcfg['interface'] <> "wan") { - $sn = get_interface_subnet($snortcfg['interface']); - $ip = gen_subnet($snortip, $sn) . "/{$sn}"; - if (!in_array($ip, $home_net)) - $home_net[] = $ip; + if ($sn = get_interface_subnet($snortcfg['interface'])) { + $ip = gen_subnet($snortip, $sn) . "/{$sn}"; + if (!in_array($ip, $home_net)) + $home_net[] = $ip; + } } } } @@ -346,10 +347,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern if (($externallist && $localnet == 'yes') || (!$externallist && (!$whitelist || $localnet == 'yes' || empty($localnet)))) { if (is_ipaddrv6($snortip)) { if ($snortcfg['interface'] <> "wan") { - $sn = get_interface_subnetv6($snortcfg['interface']); - $ip = gen_subnetv6($snortip, $sn). "/{$sn}"; - if (!in_array($ip, $home_net)) - $home_net[] = $ip; + if ($sn = get_interface_subnetv6($snortcfg['interface'])) { + $ip = gen_subnetv6($snortip, $sn). "/{$sn}"; + if (!in_array($ip, $home_net)) + $home_net[] = $ip; + } } } } 
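Review bot: The new guard in the first branch of snort_build_list checks only `$sn`, while the enclosing test is still `is_ipaddr($snortip)` and the helpers it calls are the IPv4 ones, get_interface_subnet() and gen_subnet(). The @@ -383 hunk of this commit uses `is_ipaddrv4($subnet)` for the same pattern, and the next branch here uses `is_ipaddrv6($snortip)`. If is_ipaddr() accepts both address families, an IPv6 `$snortip` would be combined with an IPv4 prefix length and the result added to HOME_NET or the pass list, which determine what Snort treats as local or never blocks. Changing the outer test to `if (is_ipaddrv4($snortip)) {` would make the branch match its helpers. snort_build_list starts and ends outside the hunk.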
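Review bot: The value returned by gen_subnetv6() is still appended to `$home_net` unchecked, although the commit subject mentions an empty IP as well as an empty subnet. Only `$sn` is tested, and only by truthiness inside an assignment. The same holds for the gen_subnet() and gen_subnetv6() calls in the other three hunks of this commit. Inside the existing guard, `$net = gen_subnetv6($snortip, $sn);` followed by `if (!empty($net) && !in_array("{$net}/{$sn}", $home_net))` would keep an entry with an empty network part out of the list. Writing the guard as `$sn = get_interface_subnetv6($snortcfg['interface']);` and then `if (!empty($sn)) {` would also make the intent explicit.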
@@ -383,10 +385,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern continue; $subnet = get_interface_ip($int); if (is_ipaddrv4($subnet)) { - $sn = get_interface_subnet($int); - $ip = gen_subnet($subnet, $sn) . "/{$sn}"; - if (!in_array($ip, $home_net)) - $home_net[] = $ip; + if ($sn = get_interface_subnet($int)) { + $ip = gen_subnet($subnet, $sn) . "/{$sn}"; + if (!in_array($ip, $home_net)) + $home_net[] = $ip; + } } $subnet = get_interface_ipv6($int); @@ -394,10 +397,11 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern if (strpos($subnet, "%") !== FALSE) $subnet = substr($subnet, 0, strpos($subnet, "%")); if (is_ipaddrv6($subnet)) { - $sn = get_interface_subnetv6($int); - $ip = gen_subnetv6($subnet, $sn). "/{$sn}"; - if (!in_array($ip, $home_net)) - $home_net[] = $ip; + if ($sn = get_interface_subnetv6($int)) { + $ip = gen_subnetv6($subnet, $sn). "/{$sn}"; + if (!in_array($ip, $home_net)) + $home_net[] = $ip; + } } // Add link-local address -- cgit v1.2.3 From 9c3ad294a80904a492cc5720eaee0afc33af33d4 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Tue, 3 Feb 2015 12:41:32 -0500 Subject: Bump Snort GUI package to 3.2.3 --- config/snort/snort.xml | 2 +- config/snort/snort_migrate_config.php | 2 +- config/snort/snort_post_install.php | 4 ++-- pkg_config.10.xml | 2 +- pkg_config.8.xml | 2 +- pkg_config.8.xml.amd64 | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/config/snort/snort.xml b/config/snort/snort.xml index fb23997c..60573130 100755 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -47,7 +47,7 @@ Currently there are no FAQ items provided. Snort 2.9.7.0 - Services:2.9.7.0 pkg v3.2.2 + Services:2.9.7.0 pkg v3.2.3 /usr/local/pkg/snort/snort.inc Snort diff --git a/config/snort/snort_migrate_config.php b/config/snort/snort_migrate_config.php index 12ae5d19..de8ac308 100644 --- a/config/snort/snort_migrate_config.php +++ b/config/snort/snort_migrate_config.php 
@@ -533,7 +533,7 @@ unset($r); // Log a message if we changed anything if ($updated_cfg) { - $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.2"; + $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.2.3"; log_error("[Snort] Settings successfully migrated to new configuration format..."); } else diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php index bbe7e3e2..7ab8b3db 100644 --- a/config/snort/snort_post_install.php +++ b/config/snort/snort_post_install.php @@ -263,8 +263,8 @@ if (stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) $config['widgets']['sequence'] .= ",{$snort_widget_container}"; /* Update Snort package version in configuration */ -$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.2"; -write_config("Snort pkg v3.2: post-install configuration saved."); +$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.2.3"; +write_config("Snort pkg v3.2.3: post-install configuration saved."); /* Done with post-install, so clear flag */ unset($g['snort_postinstall']); diff --git a/pkg_config.10.xml b/pkg_config.10.xml index f9d22f75..fdd7d99e 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -339,7 +339,7 @@ barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS https://packages.pfsense.org/packages/config/snort/snort.xml - 2.9.7.0 pkg v3.2.2 + 2.9.7.0 pkg v3.2.3 2.2 Stable /snort.xml diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 406b4f16..a36cc99f 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml 
@@ -469,7 +469,7 @@ barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS https://packages.pfsense.org/packages/config/snort/snort.xml - 2.9.7.0 pkg v3.2.2 + 2.9.7.0 pkg v3.2.3 2.1 Stable /snort.xml diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 88c49ca6..a19fe876 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -456,7 +456,7 @@ barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS https://packages.pfsense.org/packages/config/snort/snort.xml - 2.9.7.0 pkg v3.2.2 + 2.9.7.0 pkg v3.2.3 2.1 Stable /snort.xml -- cgit v1.2.3