From 5298dc5f55275ec1dba45f062064961f67f99cb2 Mon Sep 17 00:00:00 2001 From: robiscool Date: Thu, 18 Jun 2009 12:09:45 -0700 Subject: add mcrane SIP ports to the snort.conf, remove exit when emerg website is down, add exit when snort rules download fails --- config/snort/snort.inc | 2 +- config/snort/snort_download_rules.php | 20 ++++++-------------- 2 files changed, 7 insertions(+), 15 deletions(-) (limited to 'config') diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 750e1a7c..3798b966 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -445,7 +445,7 @@ portvar SSH_PORTS {$ssh_port} portvar TELNET_PORTS 23 portvar MAIL_PORTS [25,143,465,691] portvar SSL_PORTS [25,443,465,636,993,995] -portvar SIP_PROXY_PORTS [5060] +portvar SIP_PROXY_PORTS [5060:5090,16384:32768] # DCERPC NCACN-IP-TCP portvar DCERPC_NCACN_IP_TCP [139,445] diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php index 94713dbc..598d59b6 100644 --- a/config/snort/snort_download_rules.php +++ b/config/snort/snort_download_rules.php @@ -236,20 +236,7 @@ if (0 == filesize("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5")){ exit(0); } -/* If emergingthreats md5 file is empty wait 15min exit */ -$emergingthreats_url_chk = $config['installedpackages']['snort']['config'][0]['emergingthreats']; -if ($emergingthreats_url_chk == on) { -if (0 == filesize("{$tmpfname}/version.txt")){ - update_status(gettext("There was an error getting emergingthreats md5.")); - update_output_window(gettext("There was an error getting emergingthreats md5.")); - hide_progress_bar_status(); - /* Display last time of sucsessful md5 check from cache */ -// echo "\n

You last checked for updates: {$last_md5_download}

\n"; -// echo "\n

You last installed for rules: {$last_rules_install}

\n"; - echo "\n\n\n\n"; - exit(0); - } -} +/* If emergingthreats md5 file is empty wait 15min exit not needed */ /* If pfsense md5 file is empty wait 15min exit */ if (0 == filesize("{$tmpfname}/$pfsense_rules_filename_md5")){ @@ -360,6 +347,11 @@ if (file_exists("{$tmpfname}/{$snort_filename}")) { download_file_with_progress_bar("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz?oink_code={$oinkid}", $tmpfname . "/{$snort_filename}", "read_body_firmware"); update_all_status($static_output); update_status(gettext("Done downloading rules file.")); + if (150000 > filesize("{$tmpfname}/$snort_filename")){ + update_status(gettext("There is on error with snort rules download...")); + update_output_window(gettext("Snort rules file download failed...")); + exit(0); + } } } -- cgit v1.2.3