November 18 2009

Snort_inline due date is by Dec 1st. (Why ? Scott said so.)

Gui is almost done. just odds and ends left.

If you work on this package just comment on every-thing you change or add. 

====================
Goals
====================

Release the New snort GUI as a package for 1.2.3 so that we can work out bugs.

Move the Snort GUI to base of Pfsense. The divert options should be added to firewall_nat.php or firewall_rules.php.

Ask Ermal to add divert out to Pfsense again though, he has kept divert in.

=================================
Any Devs that would like to help please work on snort_rules_edit.php and snort_rules.php. They work but need cleaning up.
=================================

To get snort_rules_edit.php and snort_rules.php working 

 * Update the rules.
 * Add at least on rule to snort_interfaces.php.

snort_rules_edit.php 
Make sure all snort sig options that are in the GUI are written to file.

snort_rules.php 
Change the way the rules get disabled, by removing the x icon image and replacing it with check boxes.
This should improve the users experience. Moreover, check boxes could be added to blocked.php tab to improve performance.
Users always complain that the way were deleting options is slow. 

===========================================
Misc.
===========================================

All further development will be in Freebsd 8. 

ALL further snort and barnyard builds will be mmx sse.

All further snort builds will have snort_inline code.

All further builds will have "did I start on a pfsense system" code, if not, exit.

Adding extra options to the new snort gui for snort_inline should be easy.

Snort_inline binaries with custom c++ code ready to go.

Snort_inline works with only one Wan and Lan. Add a Opt onterface and the TCP flow goes into a loop.
This should be easy to fix by the firewall guru by modifying the divert rule I am using.
 

 
Done.