Pinkbyte/pinkbyte-overlay
1
Fork 0
Code Releases Activity

snortsam: finally implementing proper cancel redirect request when timeout occurs

Browse Source
This commit is contained in:
Sergey Popov 2012-06-16 17:00:30 +04:00
parent b3fbdc0e60
commit c7f23f2d15
2 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
net-analyzer/snortsam/Manifest
View File

@ -1,4 +1,4 @@
AUX snortsam-2.70-redirect.patch 21776 RMD160 624bbde2c6802416d2faf3c9d6b89caf1d8b8935 SHA1 09a0ea5b9602162845ea08bff2726b282ea465f2 SHA256 492e7b054c432d99d95c4c89d08a843d0d269e48004440959e3a5a81d4b37759
AUX snortsam-2.70-redirect.patch 22221 RMD160 b5b5016c5817fb2c227764c0fe50049c95334f76 SHA1 d53afb3154b17489c945cffd06ddc72a4b32f761 SHA256 706bc4524a5818c5b0248fea4fb912618aec186b087915ab53c3ea0ab848e3a8
DIST snortsam-2.50-ciscoacl.diff.bz2 7295 RMD160 91d36fecc3fcf14de5ed964928d69ef3cc167bae SHA1 c887162193df59bff2f3fb2fe0ae0aec253314ce SHA256 a4f39789e9f10b95e6db1bbce5f9d26f7393161311f5c955a4b8380186a2cb6b
DIST snortsam-src-2.70.tar.gz 1971624 RMD160 336b0c701754d0688e2ebc967cfdbb3f9bc2fe32 SHA1 9cc7f9aad927217fbda75de038d0489b8e5f3a9e SHA256 442040a7281a641008f6410b7f6528d709f17d5041fd3752011075f8a38d19bc
EBUILD snortsam-2.70-r9999.ebuild 1598 RMD160 9b1d28cb4ee1865c2f6f166903824f6fff91e08b SHA1 57f138c4d7868f7bea169e1f0317f657a784325a SHA256 bfafe9ab2046e19abcfcf8d8a676e5dd264e9f0f6fad277ec4ba5bfd47238759

21
net-analyzer/snortsam/files/snortsam-2.70-redirect.patch
View File

@ -84,8 +84,8 @@ diff -ur snortsam-2.7.0-orig/src/snortsam.h snortsam/src/snortsam.h
void clearhistory(void);
diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
--- snortsam-2.7.0-orig/src/ssp_iptables.c 2012-05-20 20:59:46.275601000 +0400
+++ snortsam/src/ssp_iptables.c 2012-06-15 19:58:38.620383000 +0400
@@ -123,204 +123,214 @@
+++ snortsam/src/ssp_iptables.c 2012-06-16 16:53:06.430453000 +0400
@@ -123,204 +123,227 @@
printf("Debug: [iptables][%lx] Plugin Blocking...\n",threadid);
#endif
@ -380,6 +380,7 @@ diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
+ {
+ snprintf(msg,sizeof(msg)-1,"Info: UnBlocking ip %s", inettoa(bd->blockip));
+ logmessage(1,msg,"iptables",0);
+
+switch(bd->mode&FWSAM_HOW)
+ { case FWSAM_HOW_IN:
+ /* Assemble command */
@ -416,9 +417,17 @@ diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
+ }
+ break;
+ case FWSAM_HOW_INOUT:
+{
+ char* cmdstr_fwd;
+ char cmdstr_fwd_unredirect[]="/sbin/iptables -t mangle -D PREROUTING -i %s -s %s -j MARK --set-mark 255";
+ char cmdstr_fwd_unblock[]="/sbin/iptables -D FORWARD -i %s -s %s -j DROP";
+ if (bd->type==FWSAM_STATUS_BLOCK)
+ cmdstr_fwd=cmdstr_fwd_unblock;
+ else
+ cmdstr_fwd=cmdstr_fwd_unredirect;
+ /* Assemble command - block src*/
+ if ((snprintf(iptcmd,sizeof(iptcmd)-1,
+ "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
+ cmdstr_fwd,
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1,
+ "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
@ -426,6 +435,7 @@ diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (bd->type==FWSAM_STATUS_BLOCK)
+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
+ "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1,
@ -435,6 +445,7 @@ diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+}
+ break;
+ case FWSAM_HOW_THIS:
+ /* Assemble command */
@ -467,7 +478,8 @@ diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
+ snprintf(msg,sizeof(msg)-1,"Info: Command %s Executed Successfully", iptcmd);
+ logmessage(3,msg,"iptables",0);
+ }
+ if (system(iptcmd2) != 0) {
+ if (bd->type==FWSAM_STATUS_BLOCK)
+ if (system(iptcmd2) != 0) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s Failed", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+ } else {
@ -485,6 +497,7 @@ diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c
+ snprintf(msg,sizeof(msg)-1,"Info: Command %s Executed Successfully", iptcmd1);
+ logmessage(3,msg,"iptables",0);
+ }
+ if (bd->type==FWSAM_STATUS_BLOCK)
+ if (system(iptcmd4) != 0) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s Failed", iptcmd4);
+ logmessage(1,msg,"iptables",0);