From be9e0412c4035f3089880498ee149add999b63f1 Mon Sep 17 00:00:00 2001 From: maniacikarus Date: Wed, 3 Jun 2009 20:46:47 +0200 Subject: [PATCH] Fixed Snort new url and changed md5 --- html/cgi-bin/ids.cgi | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 76b846ad91..52ca549811 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -264,9 +264,11 @@ if (-e "/etc/snort/snort.conf") { ####################### End added for snort rules control ################################# if ($snortsettings{'RULES'} eq 'subscripted') { - $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz"; + $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz"; } elsif ($snortsettings{'RULES'} eq 'registered') { - $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz"; + $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz"; } else { $url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz"; } @@ -348,8 +350,8 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) { $realmd5 = `/usr/bin/md5sum $filename`; chomp ($realmd5); $realmd5 =~ s/^(\w+)\s.*$/$1/; - if ($md5 ne $realmd5) { - $errormessage = "$Lang::tr{'invalid md5sum'}"; + if ( $md5 ne $realmd5 ) { + $errormessage = "$Lang::tr{'invalid md5sum'} - $md5 - $realmd5"; } else { $results = "$Lang::tr{'installed updates'}\n
";
 				$results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`;
@@ -678,19 +680,30 @@ END
 
 sub getmd5 {
 	# Retrieve MD5 sum from $url.md5 file
-	#
-	my $md5buf = &geturl("$url.md5");
+
+	my $md5buf;
+	if ($snortsettings{'RULES'} eq 'subscripted') {
+		$md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz.md5?oink_code=$snortsettings{'OINKCODE'}");
+	} elsif ($snortsettings{'RULES'} eq 'registered') {
+		$md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz.md5?oink_code=$snortsettings{'OINKCODE'}");
+	} else {
+		$md5buf = &geturl("http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz.md5");
+	}
+
 	return undef unless $md5buf;
 
 	if (0) { # 1 to debug
 		my $filename='';
 		my $fh='';
-		($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.md5' );
+		($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.md5' );
 		binmode ($fh);
 		syswrite ($fh, $md5buf->content);
 		close($fh);
 	}
-	return $md5buf->content;
+	
+	my @temp=split(/= /,$md5buf->content);
+	
+	return $temp[1];
 }
 sub downloadrulesfile {
 	my $return = &geturl($url);
@@ -703,7 +716,7 @@ sub downloadrulesfile {
 
 	my $filename='';
 	my $fh='';
-	($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
+	($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
 	binmode ($fh);
 	syswrite ($fh, $return->content);
 	close($fh);
-- 
2.39.2