X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fids.cgi;h=d9082979dcc94bea2d4f9780fff2345a089992fc;hp=d0d757841e2ca8823e9d79b73542d8a283819d9b;hb=32810952ccb7190822848f75b4c417f6e1b9ad5f;hpb=f9c2147dee7e3d9592abaddcf176816af3f5a3cc;ds=sidebyside diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index d0d757841e..d9082979dc 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -26,8 +26,8 @@ use File::Temp qw/ tempfile tempdir /; use strict; # enable only the following on debugging purpose -#use warnings; -#use CGI::Carp 'fatalsToBrowser'; +use warnings; +use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; @@ -43,8 +43,6 @@ my %checked=(); my %selected=(); my %netsettings=(); our $errormessage = ''; -our $md5 = '0';# not '' to avoid displaying the wrong message when INSTALLMD5 not set -our $realmd5 = ''; our $results = ''; our $tempdir = ''; our $url=''; @@ -69,7 +67,6 @@ $snortsettings{'ACTION2'} = ''; $snortsettings{'RULES'} = ''; $snortsettings{'OINKCODE'} = ''; $snortsettings{'INSTALLDATE'} = ''; -$snortsettings{'INSTALLMD5'} = ''; &Header::getcgihash(\%snortsettings, {'wantfile' => 1, 'filevar' => 'FH'}); @@ -263,10 +260,12 @@ if (-e "/etc/snort/snort.conf") { ####################### End added for snort rules control ################################# if ($snortsettings{'RULES'} eq 'subscripted') { - $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + #$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + $url="http://dl.snort.org/sub-rules/snortrules-snapshot-2853_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz"; } elsif ($snortsettings{'RULES'} eq 'registered') { $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + #$url="http://dl.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz"; } else { $url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz"; @@ -340,25 +339,30 @@ END &General::readhash("${General::swroot}/snort/settings", \%snortsettings); if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) { - $md5 = &getmd5; - if (($snortsettings{'INSTALLMD5'} ne $md5) && defined $md5 ) { - chomp($md5); - my $filename = &downloadrulesfile(); - if (defined $filename) { - # Check MD5sum - $realmd5 = `/usr/bin/md5sum $filename`; - chomp ($realmd5); - $realmd5 =~ s/^(\w+)\s.*$/$1/; - if ( $md5 ne $realmd5 ) { - $errormessage = "$Lang::tr{'invalid md5sum'} - $md5 - $realmd5"; + + my @df = `/bin/df -B M /var`; + foreach my $line (@df) { + next if $line =~ m/^Filesystem/; + + if ($line =~ m/dev/ ) { + $line =~ m/^.* (\d+)M.*$/; + my @temp = split(/ +/,$line); + if ($1<600) { + $errormessage = "$Lang::tr{'not enough disk space'} < 600MB, /var $1MB"; } else { - $results = "$Lang::tr{'installed updates'}\n
"; - $results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`; - $results .= ""; + my $filename = &downloadrulesfile(); + if (defined $filename) { + $results = "$Lang::tr{'installed updates'}\n
"; + $results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`; + $results .= ""; + } + unlink ($filename); } - unlink ($filename); + } } + + } $checked{'ENABLE_SNORT'}{'off'} = ''; @@ -467,16 +471,12 @@ print <