X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fids.cgi;h=1cf5b8dec5bcf88e574847115be9064ad5ac52c7;hp=76b846ad91db227a2495153a8f8a5e5f2a149b20;hb=d192af92100ad3a7a712e2b22b3a12342b68a907;hpb=7a0d389365d01b944ea67e725fad0773653753b2
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 76b846ad91..1cf5b8dec5 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -264,9 +264,11 @@ if (-e "/etc/snort/snort.conf") {
####################### End added for snort rules control #################################
if ($snortsettings{'RULES'} eq 'subscripted') {
- $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz";
+ $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
+ #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz";
} elsif ($snortsettings{'RULES'} eq 'registered') {
- $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz";
+ $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
+ #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz";
} else {
$url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz";
}
@@ -348,8 +350,8 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) {
$realmd5 = `/usr/bin/md5sum $filename`;
chomp ($realmd5);
$realmd5 =~ s/^(\w+)\s.*$/$1/;
- if ($md5 ne $realmd5) {
- $errormessage = "$Lang::tr{'invalid md5sum'}";
+ if ( $md5 ne $realmd5 ) {
+ $errormessage = "$Lang::tr{'invalid md5sum'} - $md5 - $realmd5";
} else {
$results = "$Lang::tr{'installed updates'}\n";
$results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`;
@@ -678,18 +680,27 @@ END
sub getmd5 {
# Retrieve MD5 sum from $url.md5 file
- #
- my $md5buf = &geturl("$url.md5");
+
+ my $md5buf;
+ if ($snortsettings{'RULES'} eq 'subscripted') {
+ $md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz.md5?oink_code=$snortsettings{'OINKCODE'}");
+ } elsif ($snortsettings{'RULES'} eq 'registered') {
+ $md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz.md5?oink_code=$snortsettings{'OINKCODE'}");
+ } else {
+ $md5buf = &geturl("http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz.md5");
+ }
+
return undef unless $md5buf;
if (0) { # 1 to debug
my $filename='';
my $fh='';
- ($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.md5' );
+ ($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.md5' );
binmode ($fh);
syswrite ($fh, $md5buf->content);
close($fh);
}
+
return $md5buf->content;
}
sub downloadrulesfile {
@@ -703,7 +714,7 @@ sub downloadrulesfile {
my $filename='';
my $fh='';
- ($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
+ ($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
binmode ($fh);
syswrite ($fh, $return->content);
close($fh);