Replaced snort gpl community rules by emergingthreats.net rules.

html/cgi-bin/ids.cgi

@@ -268,7 +268,7 @@ if ($snortsettings{'RULES'} eq 'subscripted') {
 	$url="http://dl.snort.org/reg-rules/snortrules-snapshot-2860.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
 	#$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz";
 } else {
-	$url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz";
+	$url="http://www.emergingthreats.net/rules/emerging.rules.tar.gz";
 }
 
 if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" )
@@ -559,6 +559,11 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable
 		foreach my $rulefile (sort keys(%snortrules)) {
 			my $rulechecked = '';
 
+			# Hide inkompatible Block rules
+			if ($rulefile =~'-BLOCK.rules') {
+				next;
+			}
+
 			# Check if reached half-way through rule file rules to start new column
  		if ($ruledisplaycnt > $rulecnt) {
 				print "</TABLE></TD><TD VALIGN='TOP'><TABLE>";

langs/de/cgi-bin/de.pl

@@ -483,7 +483,7 @@
 'clock last synchronized at' => 'Die Uhr wurde zuletzt synchronisiert um',
 'comment' => 'Kommentar',
 'common name' => 'Gemeinsamer Name',
-'community rules' => 'Snort GPL Community Rules',
+'community rules' => 'Emergingthreats.net Community Rules',
 'comp-lzo' => 'LZO-Kompression',
 'compression' => 'Kompression:',
 'computer to modem rate' => 'Übertragungsrate zwischen Computer und Modem:',
@@ -919,7 +919,7 @@
 'intrusion detection' => 'Einbruchdetektierung',
 'intrusion detection system' => 'Intrusion Detection System',
 'intrusion detection system log viewer' => 'Betrachter der IDS-Logfiles',
-'intrusion detection system rules' => 'Íntrusion Detection System Regeln',
+'intrusion detection system rules' => 'Intrusion Detection System Regeln',
 'intrusion detection system2' => 'Intrusion Detection System:',
 'invalid broadcast ip' => 'Ungültige Broadcast-IP',
 'invalid cache size' => 'Ungültige Cache-Größe.',

langs/en/cgi-bin/en.pl

@@ -507,7 +507,7 @@
 'clock last synchronized at' => 'Clock was last synchronized at',
 'comment' => 'Description:',
 'common name' => 'Common name',
-'community rules' => 'Snort GPL Community Rules',
+'community rules' => 'Emergingthreats.net Community Rules',
 'comp-lzo' => 'LZO-Compression:',
 'compression' => 'Compression:',
 'computer to modem rate' => 'Computer to modem rate:',

langs/es/cgi-bin/es.pl

@@ -507,7 +507,7 @@
 'clock last synchronized at' => 'Clock was last synchronized at',
 'comment' => 'Description:',
 'common name' => 'Common name',
-'community rules' => 'Snort GPL Community Rules',
+'community rules' => 'Emergingthreats.net Community Rules',
 'comp-lzo' => 'LZO-Compression:',
 'compression' => 'Compression:',
 'computer to modem rate' => 'Computer to modem rate:',

langs/fr/cgi-bin/fr.pl

@@ -507,7 +507,7 @@
 'clock last synchronized at' => 'Clock was last synchronized at',
 'comment' => 'Description:',
 'common name' => 'Common name',
-'community rules' => 'Snort GPL Community Rules',
+'community rules' => 'Emergingthreats.net Community Rules',
 'comp-lzo' => 'LZO-Compression:',
 'compression' => 'Compression:',
 'computer to modem rate' => 'Computer to modem rate:',

src/initscripts/init.d/snort

@@ -62,6 +62,14 @@ fi
 
 case "$1" in
         start)
+		# Disable incompatible rules
+		for file in $(ls /etc/snort/rules/*.rules); do
+			sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file
+			sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file
+			sed -i 's|^alert.*!\$HOME_NET|#&|g' $file
+			sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file
+		done
+
                 for DEVICE in $DEVICES; do
                         boot_mesg "Starting Intrusion Detection System on $DEVICE..."
                         /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/