From aff42d53fb74f70995b204c6d17a3e7153f9705b Mon Sep 17 00:00:00 2001 From: unknown Date: Sat, 26 Jan 2013 21:14:46 -0500 Subject: Add new Search Performance options for AC-SPLIT and three -NQ non-queued options. --- config/snort/snort_interfaces_edit.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index cec43bb7a..d0fabbf4 100755 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -295,7 +295,9 @@ function enable_change(enable_change) {
+ "systems, AC-SPLIT: low memory, high performance, short-hand for search-method ac split-any-any, AC: high memory, " . + "best performance, -NQ: the -nq option specifies that matches should not be queued and evaluated as they are found," . + " AC-STD: moderate memory, high performance, ACS: small memory, moderate performance, " . + "AC-BANDED: small memory,moderate performance, AC-SPARSEBANDS: small memory, high performance."); ?>
-- cgit v1.2.3 From 4cc6d535ea0c48acc9aba7f1a2cc1e0e25146ee4 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Sat, 26 Jan 2013 21:20:39 -0500 Subject: Add new Search Performance options for AC-SPLIT and three -NQ non-queued options. --- config/snort/snort_rules.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 83e1ea8b..7457632d 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -362,7 +362,7 @@ function popup(url)     -   - + @@ -446,7 +446,7 @@ function popup(url) $textss $message $textse "; ?> - + Date: Sat, 26 Jan 2013 21:20:39 -0500 Subject: Fixed incorrect CSS class names on two table cells. --- config/snort/snort_rules.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 83e1ea8b..7457632d 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -362,7 +362,7 @@ function popup(url)     -   - + @@ -446,7 +446,7 @@ function popup(url) $textss $message $textse "; ?> - + Date: Tue, 29 Jan 2013 21:23:40 -0500 Subject: Add additional config parameters in GUI for pfPortscan preprocessor. --- config/snort/snort.inc | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index dede1f1d..3571a215 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -2061,13 +2061,25 @@ PIPELINING CHUNKING DATA DSN RSET QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB EOD; /* def sf_portscan */ + if (!empty($snortcfg['pscan_sense_level'])) + $sf_pscan_sense_level = $snortcfg['pscan_sense_level']; + else + $sf_pscan_sense_level = "medium"; + + if (!empty($snortcfg['pscan_ignore_scanners']) && is_alias($snortcfg['pscan_ignore_scanners'])) { + $sf_pscan_ignore_scanners = filter_expand_alias($snortcfg['pscan_ignore_scanners']); + $sf_pscan_ignore_scanners = preg_replace('/\s+/', ',', trim($sf_pscan_ignore_scanners)); + } + else + $sf_pscan_ignore_scanners = "\$HOME_NET"; + $sf_portscan = << Date: Tue, 29 Jan 2013 21:24:52 -0500 Subject: Add additional config parameters in GUI for pfPortscan preprocessor. --- config/snort/snort_preprocessors.php | 98 ++++++++++++++++++++++++++++++++---- 1 file changed, 88 insertions(+), 10 deletions(-) diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index 916fd413..89f1136c 100755 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -81,6 +81,9 @@ if ($_POST) { $natent = array(); $natent = $pconfig; + if ($_POST['pscan_ignore_scanners'] && !is_alias($_POST['pscan_ignore_scanners'])) + $input_errors[] = "Only aliases are allowed"; + /* if no errors write to conf */ if (!$input_errors) { /* post new options */ @@ -89,6 +92,12 @@ if ($_POST) { if ($_POST['max_queued_bytes'] != "") { $natent['max_queued_bytes'] = $_POST['max_queued_bytes']; }else{ $natent['max_queued_bytes'] = ""; } if ($_POST['max_queued_segs'] != "") { $natent['max_queued_segs'] = $_POST['max_queued_segs']; }else{ $natent['max_queued_segs'] = ""; } if ($_POST['stream5_mem_cap'] != "") { $natent['stream5_mem_cap'] = $_POST['stream5_mem_cap']; }else{ $natent['stream5_mem_cap'] = ""; } + if ($_POST['pscan_sense_level'] != "") { $natent['pscan_sense_level'] = $_POST['pscan_sense_level']; }else{ $natent['pscan_sense_level'] = "medium"; } + + if ($_POST['pscan_ignore_scanners']) + $natent['pscan_ignore_scanners'] = $_POST['pscan_ignore_scanners']; + else + unset($natent['pscan_ignore_scanners']); $natent['perform_stat'] = $_POST['perform_stat'] ? 'on' : 'off'; $natent['http_inspect'] = $_POST['http_inspect'] ? 'on' : 'off'; @@ -155,6 +164,10 @@ include_once("head.inc"); ?> + +
@@ -177,7 +190,7 @@ include_once("head.inc"); @@ -298,6 +311,46 @@ include_once("head.inc"); "in RAM. Default value is 8388608 (8 MB)"); ?>
+ + + + + + + + + + + + + + @@ -346,15 +399,6 @@ include_once("head.inc"); onClick="enable_change(false)">
- - - - @@ -438,6 +482,40 @@ include_once("head.inc");
  >
-
+

+ 		+ onClick="enable_change(false)">
+
+
+ +
+ +
+ +
+
+

+ +

- 		- onClick="enable_change(false)">
-

+ -- cgit v1.2.3