Reviewed-by: Timo Eissler timo.eissler@ipfire.org
Am 16.10.2015 um 11:41 schrieb Stefan Schantl:
These changes will allow snort to also inspect the traffic for one or more configured alias addresses, which has not been done in the past.
To do this we will now check if, the RED interface has been set to STATIC (which is required to use the aliases function) and any aliases have been configured. In case of this, the modified code will add all enabled alias addresses to the HOMENET variable in which snort is storing all the monitored addresses.
Fixes #10619.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
src/initscripts/init.d/snort | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort index e03c80f..47e7998 100644 --- a/src/initscripts/init.d/snort +++ b/src/initscripts/init.d/snort @@ -20,6 +20,8 @@ PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)
+ALIASFILE="/var/ipfire/ethernet/aliases"
case "$1" in start) if [ "$BLUE_NETADDRESS" ]; then @@ -59,6 +61,19 @@ case "$1" in if [ "$LOCAL_IP" ]; then HOMENET+="$LOCAL_IP," fi
# Check if the red device is set to static and# any aliases have been configured.if [ "$RED_TYPE" == "STATIC" ] && [ -s "${ALIASFILE}" ]; then# Read in aliases file.while IFS="," read -r address mode remark; do# Check if the alias is enabled.[ "${mode}" = "on" ] || continue# Add alias to the list of HOMENET addresses.HOMENET+="${address},"done < "${ALIASFILE}"fi