improve snortsam-redirect patch and update snort ebuild
This commit is contained in:
@ -1,7 +1,25 @@
|
||||
diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c
|
||||
--- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c 2012-05-20 18:33:57.271278999 +0400
|
||||
+++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c 2012-05-20 19:18:47.383364414 +0400
|
||||
@@ -515,6 +515,7 @@
|
||||
+++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c 2012-05-25 15:56:24.138470000 +0400
|
||||
@@ -456,10 +456,16 @@
|
||||
|
||||
/* Parses the duration of the argument, recognizing minutes, hours, etc..
|
||||
*/
|
||||
-unsigned long FWsamParseDuration(char *p)
|
||||
+unsigned long FWsamParseDuration(char *param)
|
||||
{ unsigned long dur=0,tdu;
|
||||
char *tok,c1,c2;
|
||||
|
||||
+ // Protect input string from overwriting it
|
||||
+ char tmpp[20];
|
||||
+ strncpy(tmpp,param,19);
|
||||
+ tmpp[19]=(char)0;
|
||||
+ char* p=tmpp;
|
||||
+
|
||||
while(*p)
|
||||
{ tok=p;
|
||||
while(*p && isdigit(*p))
|
||||
@@ -515,6 +521,7 @@
|
||||
optp->how=FWSAM_HOW_INOUT; /* inbound and outbound block */
|
||||
optp->who=FWSAM_WHO_SRC; /* the source */
|
||||
optp->loglevel=FWSAM_LOG_LONGALERT; /* the log level default */
|
||||
@ -9,7 +27,7 @@ diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2
|
||||
/* parse the fwsam keywords */
|
||||
|
||||
#ifdef FWSAMDEBUG
|
||||
@@ -566,6 +567,17 @@
|
||||
@@ -566,6 +573,17 @@
|
||||
optp->duration=0;
|
||||
else
|
||||
possprob=TRUE;
|
||||
@ -27,7 +45,7 @@ diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2
|
||||
}
|
||||
else if(!*ap)
|
||||
possprob=TRUE;
|
||||
@@ -879,7 +891,7 @@
|
||||
@@ -879,7 +897,7 @@
|
||||
sampacket.snortseqno[1]=(char)(station->myseqno>>8);
|
||||
sampacket.fwseqno[0]=(char)station->stationseqno;/* fill station seqno */
|
||||
sampacket.fwseqno[1]=(char)(station->stationseqno>>8);
|
||||
@ -36,6 +54,22 @@ diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2
|
||||
sampacket.version=FWSAM_PACKETVERSION; /* set packet version */
|
||||
sampacket.duration[0]=(char)optp->duration; /* set duration */
|
||||
sampacket.duration[1]=(char)(optp->duration>>8);
|
||||
@@ -912,10 +930,13 @@
|
||||
sampacket.sig_id[3]=(char)(event->sig_id>>24);
|
||||
|
||||
#ifdef FWSAMDEBUG
|
||||
- LogMessage("DEBUG => [Alert_FWsam] Sending BLOCK\n");
|
||||
+ if (optp->action==FWSAM_STATUS_REDIRECT)
|
||||
+ LogMessage("DEBUG => [Alert_FWsam] Sending REDIRECT\n");
|
||||
+ else
|
||||
+ LogMessage("DEBUG => [Alert_FWsam] Sending BLOCK\n");
|
||||
LogMessage("DEBUG => [Alert_FWsam] Snort SeqNo: %x\n",station->myseqno);
|
||||
LogMessage("DEBUG => [Alert_FWsam] Mgmt SeqNo : %x\n",station->stationseqno);
|
||||
- LogMessage("DEBUG => [Alert_FWsam] Status : %i\n",FWSAM_STATUS_BLOCK);
|
||||
+ LogMessage("DEBUG => [Alert_FWsam] Status : %i\n",optp->action);
|
||||
LogMessage("DEBUG => [Alert_FWsam] Mode : %i\n",optp->how|optp->who|optp->loglevel);
|
||||
LogMessage("DEBUG => [Alert_FWsam] Duration : %li\n",optp->duration);
|
||||
LogMessage("DEBUG => [Alert_FWsam] Protocol : %i\n",GET_IPH_PROTO(p));
|
||||
diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h
|
||||
--- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h 2012-05-20 18:33:57.270278999 +0400
|
||||
+++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h 2012-05-20 19:02:01.695332482 +0400
|
||||
|
||||
Reference in New Issue
Block a user