$snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
+$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} = 'off';
$snortsettings{'ENABLE_GUARDIAN'} = 'off';
$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
# Loop over each line
foreach my $line (@snortconfig) {
- # Trim the line
+ # Trim the line
chomp $line;
+ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) {
+ # Check for preprocessor settings
+ if ($line =~ /preprocessor http_inspect:/) {
+ # Strip out leading # from rule line
+ $line =~ s/\# ?//i;
+ if (($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'off')) {
+ $line = "# $line";
+ }
+ }
+ }
+
# Check for a line with .rules
if ($line =~ /\.rules$/) {
# Parse out rule file name
if (!exists $snortsettings{"SNORT_RULE_$rule"}) {
$line = "# $line";
}
+
}
# Check for rule state
} else {
unlink "${General::swroot}/snort/enable_orange";
}
+ if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on')
+ {
+ system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect");
+ } else {
+ unlink "${General::swroot}/snort/enable_preprocessor_http_inspect";
+ }
if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on')
{
system ('/usr/bin/touch', "${General::swroot}/guardian/enable");
unlink "${General::swroot}/guardian/enable";
}
- system('/usr/local/bin/snortctrl restart >/dev/null');
+ system('/usr/local/bin/snortctrl restart >/dev/null');
} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){
open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}";
$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'off'} = '';
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} = '';
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}} = "checked='checked'";
$checked{'ENABLE_GUARDIAN'}{'off'} = '';
$checked{'ENABLE_GUARDIAN'}{'on'} = '';
$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'";
<tr>
<td><hr /></td>
</tr>
+<tr>
+ <td><b>$Lang::tr{'ids preprocessor'}</b></td>
+</tr>
+<tr>
+ <td><input type='checkbox' name='ENABLE_PREPROCESSOR_HTTP_INSPECT' $checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} /> http_inspect
+<tr>
+ <td><hr /></td>
+</tr>
<tr>
<td><b>$Lang::tr{'ids rules update'}</b></td>
</tr>
'ids rules license2' => 'Bestätigen Sie die Lizenz, empfangen Sie Ihr Passwort per email und gehen Sie auf die Website. Gehen Sie zu',
'ids rules license3' => 'klicken Sie den \'Get Code\' Knopf am Fuß und kopieren den 40-Zeichen Oink Code in das untere Feld.',
'ids rules update' => 'Snort Regeln Update',
+'ids preprocessor' => 'Snort Präprozessor',
'iface' => 'Iface',
'ignore filter' => '"Ignorieren"-Filter',
'ike encryption' => 'IKE Verschlüsselung:',
'ids rules license2' => 'Acknowledge the license, receive your password by email, and connect to the site. Go to',
'ids rules license3' => 'press the \'Get Code\' button at the bottom and copy the 40 character Oink Code into the field below.',
'ids rules update' => 'Snort rules update',
+'ids preprocessor' => 'Snort preprocessor',
'iface' => 'Iface',
'ignore filter' => 'Ignore filter',
'ike encryption' => 'IKE Encryption:',
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 2.0.4
+
+THISAPP = iperf-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = iperf
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 8c5bc14cc2ea55f18f22afe3c23e3dcb
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure --prefix=/usr
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 0.7.1
+
+THISAPP = netcat-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = netcat
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 088def25efe04dcdd1f8369d8926ab34
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure --prefix=/usr
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
ipfiremake bluetooth
ipfiremake gutenprint
ipfiremake apcupsd
+ ipfiremake iperf
+ ipfiremake netcat
echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild
cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild
echo >> $BASEDIR/build/var/ipfire/firebuild
char green_broadcast[STRING_SIZE];
char root_password[STRING_SIZE];
char admin_password[STRING_SIZE];
+ char restore_file[STRING_SIZE];
findkey(unattendedkv, "DOMAINNAME", domainname);
findkey(unattendedkv, "HOSTNAME", hostname);
findkey(unattendedkv, "GREEN_BROADCAST", green_broadcast);
findkey(unattendedkv, "ROOT_PASSWORD", root_password);
findkey(unattendedkv, "ADMIN_PASSWORD", admin_password);
+ findkey(unattendedkv, "RESTORE_FILE", restore_file);
/* write main/settings. */
replacekeyvalue(mainsettings, "DOMAINNAME", domainname);
return 0;
}
+ /* restore backup */
+ if (restore_file != "") {
+ fprintf(flog, "unattended: Restoring Backup\n");
+ snprintf(commandstring, STRING_SIZE,
+ "cd /harddisk && /bin/tar -xvz --preserve -f /cdrom/%s", restore_file);
+ if (mysystem(commandstring)) {
+ errorbox("unattended: ERROR setting admin password");
+ return 0;
+ }
+
fprintf(flog, "unattended: Setup ended\n");
return 1;
}