$snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
-$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} = 'off';
$snortsettings{'ENABLE_GUARDIAN'} = 'off';
$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
open(FILE, "/etc/snort/snort.conf") or die 'Unable to read snort config file.';
@snortconfig = <FILE>;
close(FILE);
- open(FILE, ">/etc/snort/snort.conf") or die 'Unable to write snort config file.';
+ open(FILE, "/etc/snort/snort.conf") or die 'Unable to write snort config file.';
my @rules = `cd /etc/snort/rules/ && ls *.rules`; # With this loop the rule might be display with correct rulepath set
foreach (@rules) {
# Trim the line
chomp $line;
- if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) {
- # Check for preprocessor settings
- if ($line =~ /preprocessor http_inspect/) {
- # Strip out leading # from rule line
- $line =~ s/\# ?//i;
- if (($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'off')) {
- $line = "# $line";
- }
- }
- }
-
# Check for a line with .rules
if ($line =~ /\.rules$/) {
# Parse out rule file name
####################### End added for snort rules control #################################
if ($snortsettings{'RULES'} eq 'subscripted') {
- $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.6_s.tar.gz";
+ $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
+ #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz";
} elsif ($snortsettings{'RULES'} eq 'registered') {
- $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.6.tar.gz";
+ $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
+ #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz";
} else {
$url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz";
}
$realmd5 = `/usr/bin/md5sum $filename`;
chomp ($realmd5);
$realmd5 =~ s/^(\w+)\s.*$/$1/;
- if ($md5 ne $realmd5) {
- $errormessage = "$Lang::tr{'invalid md5sum'}";
+ if ( $md5 ne $realmd5 ) {
+ $errormessage = "$Lang::tr{'invalid md5sum'} - $md5 - $realmd5";
} else {
$results = "<b>$Lang::tr{'installed updates'}</b>\n<pre>";
$results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`;
$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
-$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'off'} = '';
-$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} = '';
-$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}} = "checked='checked'";
$checked{'ENABLE_GUARDIAN'}{'off'} = '';
$checked{'ENABLE_GUARDIAN'}{'on'} = '';
$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'";
<tr>
<td><hr /></td>
</tr>
-<tr>
- <td><b>$Lang::tr{'ids preprocessor'}</b></td>
-</tr>
-<tr>
- <td><input type='checkbox' name='ENABLE_PREPROCESSOR_HTTP_INSPECT' $checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} /> http_inspect
-<tr>
- <td><hr /></td>
-</tr>
<tr>
<td><b>$Lang::tr{'ids rules update'}</b></td>
</tr>
<tr><td align='left' width='40%'>$Lang::tr{'guardian timelimit'}</td><td align='left'><input type='text' name='TIMELIMIT' value='$snortsettings{'GUARDIAN_TIMELIMIT'}' size="30" /></td></tr>
<tr><td align='left' width='40%'>$Lang::tr{'guardian logfile'}</td><td align='left'><input type='text' name='LOGFILE' value='$snortsettings{'GUARDIAN_LOGFILE'}' size="30" /></td></tr>
<tr><td align='left' width='40%'>$Lang::tr{'guardian alertfile'}</td><td align='left'><input type='text' name='ALERTFILE' value='$snortsettings{'GUARDIAN_ALERTFILE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian ignorefile'}</td><td align='left'><textarea name='IGNOREFILE_CONTENT' cols='32' rows='6' wrap='off'></textarea></td></tr>
+<tr><td align='left' width='40%'>$Lang::tr{'guardian ignorefile'}</td><td align='left'><textarea name='IGNOREFILE_CONTENT' cols='32' rows='6' wrap='off'>
+END
+;
+ print `cat /var/ipfire/guardian/guardian.ignore`;
+print <<END
+</textarea></td></tr>
<tr><td align='center' colspan='2'><input type='hidden' name='ACTION2' value='guardian' /><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td></tr>
</table>
</form>
sub getmd5 {
# Retrieve MD5 sum from $url.md5 file
- #
- my $md5buf = &geturl("$url.md5");
+
+ my $md5buf;
+ if ($snortsettings{'RULES'} eq 'subscripted') {
+ $md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz.md5?oink_code=$snortsettings{'OINKCODE'}");
+ } elsif ($snortsettings{'RULES'} eq 'registered') {
+ $md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz.md5?oink_code=$snortsettings{'OINKCODE'}");
+ } else {
+ $md5buf = &geturl("http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz.md5");
+ }
+
return undef unless $md5buf;
if (0) { # 1 to debug
my $filename='';
my $fh='';
- ($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.md5' );
+ ($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.md5' );
binmode ($fh);
syswrite ($fh, $md5buf->content);
close($fh);
}
+
return $md5buf->content;
}
sub downloadrulesfile {
my $filename='';
my $fh='';
- ($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
+ ($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
binmode ($fh);
syswrite ($fh, $return->content);
close($fh);