From 320b8afa9bed3998aa04e51c77733c48466250c9 Mon Sep 17 00:00:00 2001 From: robiscool Date: Sun, 4 Oct 2009 11:27:37 -0700 Subject: snort stable snort dev, fix misc --- config/snort/snort.inc | 16 +++++++++------- config/snort/snort_check_for_rule_updates.php | 7 ++----- config/snort/snort_download_rules.php | 8 ++------ 3 files changed, 13 insertions(+), 18 deletions(-) (limited to 'config/snort') diff --git a/config/snort/snort.inc b/config/snort/snort.inc index a5e2425b..7320db00 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -78,13 +78,15 @@ function sync_package_snort() exec("/bin/mkdir -p /usr/local/etc/snort"); exec("/bin/mkdir -p /var/log/snort"); exec("/bin/mkdir -p /usr/local/etc/snort/rules"); - exec("/bin/cp /usr/local/etc/snort/unicode.map-sample /usr/local/etc/snort/unicode.map"); - exec("/bin/cp /usr/local/etc/snort/classification.config-sample /usr/local/etc/snort/classification.config"); - exec("/bin/cp /usr/local/etc/snort/generators-sample /usr/local/etc/snort/generators"); - exec("/bin/cp /usr/local/etc/snort/reference.config-sample /usr/local/etc/snort/reference.config"); - exec("/bin/cp /usr/local/etc/snort/sid-msg.map-sample /usr/local/etc/snort/sid-msg.map"); - exec("/bin/cp /usr/local/etc/snort/sid-sample /usr/local/etc/snort/sid"); - exec("/bin/cp /usr/local/etc/snort/unicode.map-sample /usr/local/etc/snort/unicode.map"); + exec("/bin/rm /usr/local/etc/snort/snort.conf-sample"); + exec("/bin/rm /usr/local/etc/snort/threshold.conf-sample"); + exec("/bin/rm /usr/local/etc/snort/sid-msg.map-sample"); + exec("/bin/rm /usr/local/etc/snort/unicode.map-sample"); + exec("/bin/rm /usr/local/etc/snort/classification.config-sample"); + exec("/bin/rm /usr/local/etc/snort/generators-sample"); + exec("/bin/rm /usr/local/etc/snort/reference.config-sample"); + exec("/bin/rm /usr/local/etc/snort/gen-msg.map-sample"); + exec("/bin/rm /usr/local/etc/snort/sid"); exec("/bin/rm -f /usr/local/etc/rc.d/snort"); $first = 0; diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index f21e34c0..95adbaa6 100644 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -562,7 +562,7 @@ if (file_exists("/usr/local/lib/snort/dynamicrules/lib_sfdynamic_example_rule.so echo "Updating Alert Messages...\n"; echo "Please Wait...\n"; sleep(2); -exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/gen-msg.map"); +exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/sid-msg.map"); /* Run oinkmaster to snort_wan and cp configs */ /* If oinkmaster is not needed cp rules normally */ @@ -580,21 +580,18 @@ echo "May take a while...\n"; exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}"); exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}"); } else { echo "Your enable and disable changes are being applied to your fresh set of rules...\n"; echo "May take a while...\n"; + exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/"); exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}"); exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}"); exec("/bin/cp {$snortdir}/generators {$snortdir_wan}"); exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}"); exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}"); /* oinkmaster.pl will convert saved changes for the new updates then we have to change #alert to # alert for the gui */ diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php index 5e2b9888..133f2d2a 100644 --- a/config/snort/snort_download_rules.php +++ b/config/snort/snort_download_rules.php @@ -680,7 +680,7 @@ if (file_exists("/usr/local/lib/snort/dynamicrules/lib_sfdynamic_example_rule.so /* create a msg-map for snort */ update_status(gettext("Updating Alert Messages...")); update_output_window(gettext("Please Wait...")); -exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/gen-msg.map"); +exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort_bkup/rules > /usr/local/etc/snort_bkup/sid-msg.map"); /* Run oinkmaster to snort_wan and cp configs */ /* If oinkmaster is not needed cp rules normally */ @@ -697,22 +697,18 @@ if ($snort_md5_check_ok != on || $emerg_md5_check_chk_ok != on || $pfsense_md5_c exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}"); exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}"); } else { update_status(gettext("Your enable and disable changes are being applied to your fresh set of rules...")); update_output_window(gettext("May take a while...")); - + exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/rules/"); exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}"); exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}"); exec("/bin/cp {$snortdir}/generators {$snortdir_wan}"); exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid {$snortdir_wan}"); exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/snort.conf {$snortdir_wan}"); -// exec("/bin/cp {$snortdir}/threshold.conf {$snortdir_wan}"); exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}"); /* oinkmaster.pl will convert saved changes for the new updates then we have to change #alert to # alert for the gui */ -- cgit v1.2.3