Wenn sich jemand bei Snort registriert hat, muss dieses unter oinkmaster2.0/oinkcode.txt abgelegt werden. Die Rules können dann mit dem Script oinkmaster.update abgeglichen werden. Dieses Script kann später vom Webserver gestartet werden; das müssen wir noch anpassen, wenn das Interface eingerichtet wird.
Start und Stop sind als init-Script eingerichtet.
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@514
ea5c0bd1-69bd-2848-81d8-
4f18e57aeed8
etc/rc.d/init.d/red
etc/rc.d/init.d/sendsignals
etc/rc.d/init.d/setclock
+etc/rc.d/init.d/snort
etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd
etc/rc.d/init.d/swap
-usr/local/bin/oinkmaster.pl
+#usr/local/bin/oinkmaster.pl
var/ipfire/snort/oinkmaster.conf
* cyrus-imapd-2.2.12
* cyrus-sasl-2.1.21
* db-4.4.20
+* dbus-0.62
* dhcp-3.0.4
* dhcpcd-2.0.8
* diffutils-2.8.1
* groff-1.18.1.1
* grub-0.97
* gzip-1.3.5
+* hal-0.5.7.1
* hddtemp-0.3-beta14
* hdparm-6.6
* htop-0.6.2
* httpd-2.2.2
* hwdata-0.191
+* hwinfo-ipfire
* iana-etc-2.10
* ibod
* iftop-0.17
* ipp2p-0.8.2-iptables
* iproute2-2.6.16-060323
* iptables-1.3.5
+* iptraf-3.0.0
* iptstate-2.1
* iputils-ss020927
* isapnptools-1.26
* mpg123-0.59r
* mtools-3.9.10
* mysql-5.0.24a
+* nagios-2.5
* nano-1.2.5
* nash
* nasm-0.98.39
* ntp-4.2.2
* ocaml-3.09.2
* oinkmaster-1.2
+* oinkmaster-2.0
* openldap-2.3.20
* openssh-4.3p2
* openssl-0.9.8d
* slang-2.0.6
* smartmontools-5.36
* snort-2.3.3
+* snort-2.6.1.4
* sox-12.18.1
* spandsp-0.0.3pre24
* squashfs3.2-r2
include Config
-VER = 1.2
-
+VER = 2.0
THISAPP = oinkmaster-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 23dc212f3a5a93ab32253edb379cb724
+$(DL_FILE)_MD5 = fd37d0391ed7b40b84a1b7907cb89508
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && install -m 0644 $(DIR_SRC)/config/cfgroot/oinkmaster.conf $(CONFIG_ROOT)/snort
- cd $(DIR_APP) && chown -R nobody:nobody /var/ipfire/snort/oinkmaster.conf
- cd $(DIR_APP) && install -m 0755 oinkmaster.pl /usr/local/bin
- cd $(DIR_APP) && chown -R nobody:nobody /usr/local/bin/oinkmaster.pl
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && chown -R nobody:nobody oinkmaster.pl
+ cd $(DIR_APP) && cp -R $(DIR_SRC)/$(THISAPP) /etc/snort
+ cp $(DIR_SRC)/$(THISAPP)/oinkmaster.pl /usr/local/bin/
@rm -rf $(DIR_APP)
@$(POSTBUILD)
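Review bot: `cp -R $(DIR_SRC)/$(THISAPP) /etc/snort` puts the whole unpacked source tree, including a second copy of oinkmaster.pl, into the Snort configuration directory, and where it lands depends on whether /etc/snort already exists (a nested `oinkmaster-2.0/` directory if it does). The snort recipe later on this page runs `chown -R nobody:nobody /etc/snort`, and the commit message says the update script will later be started by the web server, so depending on build order the unprivileged web user may own both the updater and the rules that a root-started sensor loads. Installing only the files that are needed, with explicit owner and mode, keeps that boundary, e.g. `install -o root -g root -m 0755 oinkmaster.pl /usr/local/bin`; the `chown -R nobody:nobody oinkmaster.pl` on the build copy does not carry over through a plain `cp` and can be dropped. The recipe also no longer installs oinkmaster.conf into `$(CONFIG_ROOT)/snort`, while the file list at the top of the page still ships var/ipfire/snort/oinkmaster.conf and comments out usr/local/bin/oinkmaster.pl, which this recipe still installs.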
include Config
-VER = 2.3.3
+VER = 2.6.1.4
THISAPP = snort-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 06bf140893e7cb120aaa9372d10a0100
+$(DL_FILE)_MD5 = 70e7f297c9fcf1f46d6fa3e1bb4aae49
install : $(TARGET)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls \
--sysconfdir=/etc/snort \
- --enable-linux-smp-stats
- cd $(DIR_APP) && make $(MAKETUNING)
+ --enable-linux-smp-stats --enable-smb-alerts
+ cd $(DIR_APP) && make
cd $(DIR_APP) && make install
mv /usr/bin/snort /usr/sbin/
-mkdir /etc/snort
- cd $(DIR_APP) && install -m 0644 rules/*.rules \
- etc/unicode.map etc/reference.config etc/classification.config /etc/snort
+
+ # Snort 2.6.X dount use the Directory rules
+ # cd $(DIR_APP) && install -m 0644 rules/*.rules \
+ # etc/unicode.map etc/reference.config etc/classification.config /etc/snort
install -m 0644 $(DIR_SRC)/config/snort/snort.conf /etc/snort
chown -R nobody:nobody /etc/snort
-mkdir -p /var/log/snort
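Review bot: Commenting out the whole `install -m 0644 rules/*.rules …` command also stops installing etc/unicode.map, etc/reference.config and etc/classification.config, which are not rules. If the snort.conf installed on the following line still references them, the sensor will probably fail to start, so keep a line such as `cd $(DIR_APP) && install -m 0644 etc/unicode.map etc/reference.config etc/classification.config /etc/snort`. If the `#` lines are tab-indented they remain recipe lines and are passed to the shell on every build; delete them or move a one-line comment to column 0, and fix "dount". I believe Snort's configure spells the new option `--enable-smbalerts`, and configure scripts of this era accept unknown `--enable-*` switches silently, so check config.log that `--enable-smb-alerts` took effect, and consider whether a firewall sensor should hand alerts to smbclient at all.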
--- /dev/null
+#!/bin/sh
+#
+# setting and configure Parameter
+
+cd /etc/snort
+snort=/usr/sbin/snort
+vars=/etc/snort/vars
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+HOME_NET=`echo $GREEN_NETADDRESS`
+EXTERMAL_NET="EXTERNAL_NET=ANY"
+
+# setting the snort sensore to the interface !!
+DEVICE=`echo $GREEN_DEV`
+PIDFILE=/var/run/snort_$DEVICE.pid
+startparameter=" -c snort.conf -i $DEVICE -D -l /var/log/snort --pid-path $PIDFILE"
+
+
+#create the DYNAMIC vars Variable of Snort
+ echo "var HOME_NET $HOME_NET" > $vars
+ echo "var EXTERNAL_NET ANY" >> $vars
+
+
+# Begin $rc_base/init.d/snort
+
+. /etc/sysconfig/rc
+. $rc_functions
+
+case "$1" in
+ start)
+ boot_mesg "Starting snort..."
+ loadproc $snort $startparameter
+ ;;
+
+ stop)
+ boot_mesg "Stopping snort..."
+ killproc -p $PIDFILE /var/run
+ ;;
+
+ status)
+ statusproc /usr/sbin/snort
+ ;;
+
+ *)
+ echo "Usage: $0 {start|stop|status}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/snort
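Review bot: `--pid-path` is given the file name `$PIDFILE`, although as far as I know Snort expects a directory there and names the file `snort_<interface>.pid` itself, and the stop branch passes `/var/run` to `killproc` where the program path belongs, so stop is unlikely to find the daemon. The lines above the `case` run as root on every invocation, so `status` and `stop` also rewrite /etc/snort/vars and re-run `eval $(readhash …)`; whatever can write /var/ipfire/ethernet/settings effectively supplies shell input to root unless readhash filters it, which is worth confirming. `GREEN_NETADDRESS` carries no prefix length, so HOME_NET is presumably read as a single host and the detection scope shrinks; appending the netmask from the same settings file would fix that if it is available. The fence below moves the vars generation into `start`, passes the PID directory, and gives `killproc` the binary.

```shell
snort=/usr/sbin/snort
vars=/etc/snort/vars
PIDDIR=/var/run
# … unchanged: readhash of the ethernet settings, sourcing of the rc functions …
DEVICE="$GREEN_DEV"
PIDFILE="$PIDDIR/snort_$DEVICE.pid"

case "$1" in
	start)
		boot_mesg "Starting snort..."
		# Regenerate the vars file only when the sensor is started.
		printf 'var HOME_NET %s\nvar EXTERNAL_NET ANY\n' "$GREEN_NETADDRESS" > "$vars"
		loadproc "$snort" -c /etc/snort/snort.conf -i "$DEVICE" -D \
			-l /var/log/snort --pid-path "$PIDDIR"
		;;

	stop)
		boot_mesg "Stopping snort..."
		killproc -p "$PIDFILE" "$snort"
		;;
	# … unchanged: status and usage branches …
```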