path: root/net/snort3/files/snort-mgr
Commit message | Author | Age
* snort3: fix bug with unset variable | Eric Fahlgren | 2024-04-27

  - Parameter not set in two places:
      /usr/bin/snort-mgr: eval: line 125: options: parameter not set

  Reported-by: @klingon888
  Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
* snort3: improve script reliability | Eric Fahlgren | 2024-02-07

  - Enable missing variable checking by default
  - Explicitly check variables are defined in all 'rm' commands

  Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
* snort3: finish up several incomplete capabilities | Eric Fahlgren | 2024-02-04

  Reporting
  - Use json alert data for 10x speed improvement in report generation
  - Include both gid and sid, plus packet direction in report output
  - Add by-date incident filtering
  - Add verbose mode which displays actual rules triggered and their source
  - Attempt to look up host names from IPs in verbose mode
  - Clean up display of port number involved in incidents

  Rules
  - Complete downloader for subscription rules using oinkcode
    (only tested with snort.org's "free" tier subscription)
  - Auto-detect multiple rules files and include them in lua 'ips.rules'
  - Add '--backup' option to copy out current rules before installing new
  - Add '--persistent' option to 'snort-rules', storing in persistent location

  CLI interface
  - Completely rework command line option parsing in all user scripts
  - Allow options and commands to be in any order on command line
  - Add long-form names for all options ('--help' for '-h' and so on)
  - Detect errors properly in options, enhance help pages

  Bug fixes
  - Use 'mkdir -p' on all directory creation
  - Use proper tmp directory from 'snort.snort.temp_dir' everywhere

  Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
* snort3: add missing config include and general cleanup | Eric Fahlgren | 2023-12-16

  - Delete legacy configuration files homenet.lua and local.lua
  - Add snort config 'include' to allow user customizations in the lua
  - Enhance 'check' to test generated nftables file
  - Suppress inclusion of rules file when doing silent config check
  - Suppress warnings on configuration check unless '-v'erbose
  - Replace text logging with json logging to reduce footprint and make reports easier
  - Fix some typos in the snort.uc template
  - Fix up some error messages suggesting solutions

  Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
* snort3: complete rework | Eric Fahlgren | 2023-12-03

  - Add many options to config file.
  - Move rules and generated snort.lua to /tmp.
  - Add script for downloading rules.
  - Add preliminary reporting capabilities.

  Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>