Das kleine AJAX-Bandbreitenmeter gefixt. Zeigte zu hohe Werte aufgrund eines Berechnungsfehlers an und die XML-Schnittstelle wurde nicht korrekt angesprochen.

Bootsplash-Bilder entfernt.
Snort-Scripte nochmal getestet. Laedt die Updates korrekt und wird auch korrekt gestartet.
Snortctrl geschrieben, welche noch nicht aufgerufen wird.
Grub-Patch verschoben.
Clamav-Update.
CDRom-Auswurf getestet.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@606 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

src/initscripts/init.d/snort

@@ -55,32 +55,36 @@ DNS2=`cat /var/ipfire/red/dns2`
 if [ "$DNS2" ]; then
 	echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
 else
-	echo "car DNS_SERVERS $DNS1" >> /etc/snort/vars
+	echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars
 fi 
 
 case "$1" in
 	start)
 		for DEVICE in $DEVICES; do
 			boot_mesg "Starting Intrusion Detection System on $DEVICE..."
-			loadproc /usr/sbin/snort -c snort.conf -i $DEVICE -D -l /var/log/snort --pid-path /var/run/snort_$DEVICE.pid
+			/usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --pid-path /var/run/snort_$DEVICE.pid
+			evaluate_retval
 		done
 		;;
+		
 	stop)
 		for DEVICE in $DEVICES; do
 			boot_mesg "Stopping Intrusion Detection System on $DEVICE..."
 			killproc -p /var/run/snort_$DEVICE.pid /var/run
 		done
 		;;
+		
 	status)
 		statusproc /usr/sbin/snort
 		;;
+		
 	restart)
 		$0 stop
 		$0 start
 		;;
 		
 	*)
-		echo "Usage: $0 {start|stop|restart|status|update}"
+		echo "Usage: $0 {start|stop|restart|status}"
 		exit 1
 		;;
 esac

src/install+setup/install/Makefile

@@ -23,8 +23,7 @@ clean :
 
 ######
 
-OBJS=main.o ide.o cdrom.o nic.o net.o config.o ../libsmooth/libsmooth.o \
-	usb.o scsi.o unattended.o
+OBJS=main.o ide.o nic.o net.o config.o ../libsmooth/libsmooth.o usb.o scsi.o unattended.o
 
 install: $(OBJS)
 	$(LINK) $(OBJS) -o $@ $(LIBS)

src/install+setup/install/cdrom.c

@@ -1,27 +0,0 @@
-/* SmoothWall install program.
- *
- * This program is distributed under the terms of the GNU General Public
- * Licence.  See the file COPYING for details.
- *
- * (c) Lawrence Manning, 2001
- * CDROM menu. Get "misc" driver name etc. 
- *
- */
-
-#include "install.h"
-
-extern FILE *flog;
-extern char *mylog;
-
-extern char **ctr;
-
-/* Ejects the CDROM.  returns 0 for failure, 1 for success. */
-int ejectcdrom(char *dev)
-{
-	char command;
-	sprintf(command, "eject -r /dev/%s", dev);
-	if (mysystem(command))
-		return 0;
-	else
-		return 1;
-}

src/install+setup/install/main.c

@@ -606,7 +606,8 @@ int main(int argc, char *argv[])
 	mysystem("ln -s grub.conf /harddisk/boot/grub/menu.lst");
 	
 	mysystem("umount /cdrom");
-	ejectcdrom(sourcedrive);
+	snprintf(commandstring, STRING_SIZE, "eject /dev/%s", sourcedrive);
+	mysystem(commandstring);
 
 	if (!unattended) {
 		sprintf(message, ctr[TR_CONGRATULATIONS_LONG],

src/misc-progs/Makefile

@@ -6,7 +6,7 @@ COMPILE=$(CC) $(CFLAGS)
 PROGS = iowrap
 SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \
 	squidctrl restartssh ipfirereboot setaliases \
-	ipsecctrl timectrl dhcpctrl restartsnort \
+	ipsecctrl timectrl dhcpctrl snortctrl \
 	monitorTraff restartapplejuice rebuildhosts \
 	restartsyslogd logwatch openvpnctrl \
 	restartwireless getipstat qosctrl launch-ether-wake \
@@ -100,8 +100,8 @@ restartssh: restartssh.c setuid.o ../install+setup/libsmooth/varval.o
 squidctrl: squidctrl.c setuid.o ../install+setup/libsmooth/varval.o
 	$(COMPILE) -I../install+setup/libsmooth/ squidctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@
 
-restartsnort: restartsnort.c setuid.o ../install+setup/libsmooth/varval.o
-	$(COMPILE) -I../install+setup/libsmooth/ restartsnort.c setuid.o ../install+setup/libsmooth/varval.o -o $@
+snortctrl: snortctrl.c setuid.o ../install+setup/libsmooth/varval.o
+	$(COMPILE) -I../install+setup/libsmooth/ snortctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@
 
 restartsyslogd: restartsyslogd.c setuid.o ../install+setup/libsmooth/varval.o
 	$(COMPILE) -I../install+setup/libsmooth/ restartsyslogd.c setuid.o ../install+setup/libsmooth/varval.o -o $@

src/misc-progs/restartsnort.c

@@ -1,326 +0,0 @@
-/* SmoothWall helper program - restartsnort
- *
- * This program is distributed under the terms of the GNU General Public
- * Licence.  See the file COPYING for details.
- *
- * (c) Lawrence Manning, 2001
- * Restarting snort.
- * 
- * $Id: restartsnort.c,v 1.8.2.3 2005/10/16 12:36:14 rkerr Exp $
- * 
- */
- 
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <string.h>
-#include <fcntl.h>
-#include <signal.h>
-#include "libsmooth.h"
-#include "setuid.h"
-
-struct keyvalue *kv = NULL;
-FILE *varsfile = NULL;
-
-void exithandler(void)
-{
-	if (varsfile)
-		fclose (varsfile);
-
-	if (kv)
-		freekeyvalues(kv);
-}
-
-int killsnort(char *interface)
-{
-	int fd;
-	char pidname[STRING_SIZE] = "";
-	char buffer[STRING_SIZE] = "";
-	int pid;
-
-	sprintf(pidname, "/var/run/snort_%s.pid", interface);
-
-	if ((fd = open(pidname, O_RDONLY)) != -1)
-	{
-		if (read(fd, buffer, STRING_SIZE - 1) == -1)
-			fprintf(stderr, "Couldn't read from pid file\n");
-		else
-		{
-			pid = atoi(buffer);
-			if (pid <= 1)
-				fprintf(stderr, "Bad pid value\n");
-			else
-			{
-				if (kill(pid, SIGTERM) == -1)
-					fprintf(stderr, "Unable to send SIGTERM\n");
-				close (fd);
-				return 0;
-			}
-		}
-		close(fd);
-	}
-	return 1;
-}
-
-int main(int argc, char *argv[])
-{
-	int fd = -1;
-	FILE *ifacefile, *ipfile, *dns1file, *dns2file;
-	char iface[STRING_SIZE] = "";
-	char locip[STRING_SIZE] = "";
-	char dns1[STRING_SIZE] = "";
-	char dns2[STRING_SIZE] = "";
-	char command[STRING_SIZE] = "";
-	char greendev[STRING_SIZE] = "";
-	char orangedev[STRING_SIZE] = "";
-	char bluedev[STRING_SIZE] = "";
-	char greenip[STRING_SIZE] = "";
-	char orangeip[STRING_SIZE] = "";
-	char blueip[STRING_SIZE] = "";
-	struct stat st;
-	int i;
-	int restartred = 0, restartgreen = 0, restartblue = 0, restartorange = 0;
-	
-	if (!(initsetuid()))
-		exit(1);
-	
-	atexit(exithandler);
-
-	for (i=0; i<argc; i++) {
-		if (!strcmp(argv[i], "red"))
-			restartred = 1;
-		if (!strcmp(argv[i], "orange"))
-			restartorange = 1;
-		if (!strcmp(argv[i], "blue"))
-			restartblue = 1;
-		if (!strcmp(argv[i], "green"))
-			restartgreen = 1;
-	}
-	
-	kv = initkeyvalues();
-	if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))
-		exit(1);
-
-	if (! findkey(kv, "GREEN_DEV", greendev)) {
-		fprintf(stderr, "Couldn't find GREEN device\n");
-		exit(1);
-	}
-	if (! strlen (greendev) > 0) {
-		fprintf(stderr, "Couldn't find GREEN device\n");
-		exit(1);
-	}
-	if (!VALID_DEVICE(greendev))
-	{
-		fprintf(stderr, "Bad GREEN_DEV: %s\n", greendev);
-		exit(1);
-	}
-	if (!(findkey(kv, "GREEN_ADDRESS", greenip))) {
-		fprintf(stderr, "Couldn't find GREEN address\n");
-		exit(1);
-	}
-	if (!VALID_IP(greenip)) {
-		fprintf(stderr, "Bad GREEN_ADDRESS: %s\n", greenip);
-		exit(1);
-	}
-
-	if (findkey(kv, "ORANGE_DEV", orangedev) && strlen (orangedev) > 0) {
-		if (!VALID_DEVICE(orangedev))
-		{
-			fprintf(stderr, "Bad ORANGE_DEV: %s\n", orangedev);
-			exit(1);
-		}
-		if (!(findkey(kv, "ORANGE_ADDRESS", orangeip))) {
-			fprintf(stderr, "Couldn't find ORANGE address\n");
-			exit(1);
-		}
-		if (!VALID_IP(orangeip)) {
-			fprintf(stderr, "Bad ORANGE_ADDRESS: %s\n", orangeip);
-			exit(1);
-		}
-	}
-
-	if (findkey(kv, "BLUE_DEV", bluedev) && strlen (bluedev) > 0) {
-		if (!VALID_DEVICE(bluedev))
-		{
-			fprintf(stderr, "Bad BLUE_DEV: %s\n", bluedev);
-			exit(1);
-		}
-		if (!(findkey(kv, "BLUE_ADDRESS", blueip))) {
-			fprintf(stderr, "Couldn't find BLUE address\n");
-			exit(1);
-		}
-		if (!VALID_IP(blueip)) {
-			fprintf(stderr, "Bad BLUE_ADDRESS: %s\n", blueip);
-			exit(1);
-		}
-	}
-
-	stat(CONFIG_ROOT "/red/active", &st);
-
-	if (S_ISREG(st.st_mode)) {
-		if (!(ifacefile = fopen(CONFIG_ROOT "/red/iface", "r")))
-		{
-			fprintf(stderr, "Couldn't open iface file\n");
-			exit(0);
-		}
-
-		if (fgets(iface, STRING_SIZE, ifacefile))
-		{
-			if (iface[strlen(iface) - 1] == '\n')
-				iface[strlen(iface) - 1] = '\0';
-		}
-		fclose(ifacefile);
-		if (!VALID_DEVICE(iface))
-		{
-			fprintf(stderr, "Bad iface: %s\n", iface);
-			exit(0);
-		}
-
-	        if (!(ipfile = fopen(CONFIG_ROOT "/red/local-ipaddress", "r")))
-        	{
-        	        fprintf(stderr, "Couldn't open local ip file\n");
-	                exit(0);
-        	}
-		if (fgets(locip, STRING_SIZE, ipfile))
-		{
-		        if (locip[strlen(locip) - 1] == '\n')
-        		        locip[strlen(locip) - 1] = '\0';
-		}
-        	fclose (ipfile);
-		if (strlen(locip) && !VALID_IP(locip))
-		{
-			fprintf(stderr, "Bad local IP: %s\n", locip);
-			exit(1);
-		}
-	
-	        if (!(dns1file = fopen(CONFIG_ROOT "/red/dns1", "r")))
-        	{
-                	fprintf(stderr, "Couldn't open dns1 file\n");
-	                exit(0);
-        	}
-		if (fgets(dns1, STRING_SIZE, dns1file))
-		{
-	        	if (dns1[strlen(dns1) - 1] == '\n')
-	        	        dns1[strlen(dns1) - 1] = '\0';
-		}
-	        fclose (dns1file);
-		if (strlen(dns1) && !VALID_IP(dns1))
-		{
-			fprintf(stderr, "Bad DNS1 IP: %s\n", dns1);
-			exit(1);
-		}
-		        
-	        if (!(dns2file = fopen(CONFIG_ROOT "/red/dns2", "r")))
-        	{
-	                fprintf(stderr, "Couldn't open dns2 file\n");
-        	        exit(1);
-	        }
-		if (fgets(dns2, STRING_SIZE, dns2file))
-		{
-		        if (dns2[strlen(dns2) - 1] == '\n')
-	        	        dns2[strlen(dns2) - 1] = '\0';
-		}
-	        fclose (dns2file);
-		if (strlen(dns2) && !VALID_IP(dns2))
-		{
-			fprintf(stderr, "Bad DNS2 IP: %s\n", dns2);
-			exit(1);
-		}
-	}
-
-	if (restartred)
-		killsnort(iface);
-
-	if (restartblue)
-		killsnort(bluedev);
-	
-	if (restartorange)
-		killsnort(orangedev);
-
-	if (restartgreen)
-		killsnort(greendev);
-        
-	if (!(varsfile = fopen("/etc/snort/vars", "w")))
-	{
-		fprintf(stderr, "Couldn't create vars file\n");
-		exit(1);
-	}
-	if (strlen(blueip)) {
-		if (strlen(orangeip)) {
-			if (strlen(locip)) {
-				fprintf(varsfile, "var HOME_NET [%s,%s,%s,%s]\n", greenip, orangeip, blueip, locip);
-			} else {
-				fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, orangeip, blueip);
-			}
-		} else {
-			if (strlen(locip)) {
-				fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, blueip, locip);
-			} else {
-				fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, blueip);
-			}
-		}
-	} else {
-		if (strlen(orangeip)) {
-			if (strlen(locip)) {
-				fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, orangeip, locip);
-			} else {
-				fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, orangeip);
-			}
-		} else {
-			if (strlen(locip)) {
-				fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, locip);
-			} else {
-				fprintf(varsfile, "var HOME_NET [%s]\n", greenip);
-			}
-		}
-	}
-	if (strlen(dns1))
-	{
-		if (strlen(dns2))
-			fprintf(varsfile, "var DNS_SERVERS [%s,%s]\n", dns1, dns2);
-		else
-			fprintf(varsfile, "var DNS_SERVERS %s\n", dns1);
-	} else {
-		fprintf(varsfile, "var DNS_SERVERS []\n");
-	}
-	fclose(varsfile);
-	varsfile = NULL;
-	
-	if (restartred && strlen(iface) && (fd = open(CONFIG_ROOT "/snort/enable", O_RDONLY)) != -1)
-	{
-		close(fd);
-		snprintf(command, STRING_SIZE -1,
-			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
-			iface);
-		safe_system(command);
-	}
-	if (restartblue && strlen(bluedev) && (fd = open(CONFIG_ROOT "/snort/enable_blue", O_RDONLY)) != -1 && bluedev)
-        {
-		close(fd);
-		snprintf(command, STRING_SIZE -1,
-			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
-			bluedev);
-		safe_system(command);
-	}
-	if (restartorange && strlen(orangedev) && (fd = open(CONFIG_ROOT "/snort/enable_orange", O_RDONLY)) != -1 && orangedev)
-	{
-		close(fd);
-		snprintf(command, STRING_SIZE -1,
-			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
-			orangedev);
-		safe_system(command);
-	}
-	if (restartgreen && (fd = open(CONFIG_ROOT "/snort/enable_green", O_RDONLY)) != -1)
-	{
-		close(fd);
-		snprintf(command, STRING_SIZE -1,
-			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
-			greendev);
-		safe_system(command);
-	}
-
-  return 0;
-}

src/misc-progs/snortctrl.c

@@ -0,0 +1,38 @@
+/* This file is part of the IPFire Firewall.
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence.  See the file COPYING for details.
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include "setuid.h"
+
+int main(int argc, char *argv[]) {
+
+	if (!(initsetuid()))
+		exit(1);
+
+	if (argc < 2) {
+		fprintf(stderr, "\nNo argument given.\n\nsnortctrl (start|stop|restart)\n\n");
+		exit(1);
+	}
+
+	if (strcmp(argv[1], "start") == 0) {
+		safe_system("/etc/rc.d/init.d/snort start");
+	} else if (strcmp(argv[1], "stop") == 0) {
+		safe_system("/etc/rc.d/init.d/snort stop");
+	} else if (strcmp(argv[1], "restart") == 0) {
+		safe_system("/etc/rc.d/init.d/snort restart");
+	} else {
+		fprintf(stderr, "\nBad argument given.\n\nsnortctrl (start|stop|restart)\n\n");
+		exit(1);
+	}
+
+	return 0;
+}

src/misc-progs/squidctrl.c

@@ -38,7 +38,7 @@ int main(int argc, char *argv[]) {
 	} else if (strcmp(argv[1], "disable") == 0) {
 		safe_system("rm -f /etc/rc.d/rc*.d/*squid >/dev/null 2>&1");
 	} else {
-		fprintf(stderr, "\nBad argument given.\n\nredctrl (start|stop|restart|flush)\n\n");
+		fprintf(stderr, "\nBad argument given.\n\nsquidctrl (start|stop|restart|flush)\n\n");
 		exit(1);
 	}