This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 32810952ccb7190822848f75b4c417f6e1b9ad5f (commit) via 77e9b64c80dc0821227ba59d483baec52a0d4aeb (commit) from c4cd0f7b952710f2f739338170ddf16a602ad6eb (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 32810952ccb7190822848f75b4c417f6e1b9ad5f Author: Christian Schmidt christian.schmidt@ipfire.org Date: Wed May 12 22:08:40 2010 +0200
Removed snort md5 check, added free space check.
commit 77e9b64c80dc0821227ba59d483baec52a0d4aeb Author: Christian Schmidt christian.schmidt@ipfire.org Date: Wed May 12 22:08:15 2010 +0200
Fixed async logging feature.
-----------------------------------------------------------------------
Summary of changes: html/cgi-bin/ids.cgi | 81 ++++++++++++++---------------------------- src/misc-progs/syslogdctrl.c | 11 +++--- 2 files changed, 33 insertions(+), 59 deletions(-)
Difference in files: diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 52a57fd..d908297 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -43,8 +43,6 @@ my %checked=(); my %selected=(); my %netsettings=(); our $errormessage = ''; -our $md5 = '0';# not '' to avoid displaying the wrong message when INSTALLMD5 not set -our $realmd5 = ''; our $results = ''; our $tempdir = ''; our $url=''; @@ -69,7 +67,6 @@ $snortsettings{'ACTION2'} = ''; $snortsettings{'RULES'} = ''; $snortsettings{'OINKCODE'} = ''; $snortsettings{'INSTALLDATE'} = ''; -$snortsettings{'INSTALLMD5'} = '';
&Header::getcgihash(%snortsettings, {'wantfile' => 1, 'filevar' => 'FH'});
@@ -263,8 +260,8 @@ if (-e "/etc/snort/snort.conf") { ####################### End added for snort rules control #################################
if ($snortsettings{'RULES'} eq 'subscripted') { - $url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$sn..."; - #$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2853_s.tar.gz?oink_code=$s..."; + #$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$sn..."; + $url="http://dl.snort.org/sub-rules/snortrules-snapshot-2853_s.tar.gz?oink_code=$s..."; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings%7B%27OINKCODE%27%..."; } elsif ($snortsettings{'RULES'} eq 'registered') { $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snor..."; @@ -342,25 +339,30 @@ END &General::readhash("${General::swroot}/snort/settings", %snortsettings);
if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) { - $md5 = &getmd5; - if (($snortsettings{'INSTALLMD5'} ne $md5) && defined $md5 ) { - chomp($md5); - my $filename = &downloadrulesfile(); - if (defined $filename) { - # Check MD5sum - $realmd5 = `/usr/bin/md5sum $filename`; - chomp ($realmd5); - $realmd5 =~ s/^(\w+)\s.*$/$1/; - if ( $md5 ne $realmd5 ) { - $errormessage = "$Lang::tr{'invalid md5sum'} - $md5 - $realmd5"; + + my @df = `/bin/df -B M /var`; + foreach my $line (@df) { + next if $line =~ m/^Filesystem/; + + if ($line =~ m/dev/ ) { + $line =~ m/^.* (\d+)M.*$/; + my @temp = split(/ +/,$line); + if ($1<600) { + $errormessage = "$Lang::tr{'not enough disk space'} < 600MB, /var $1MB"; } else { - $results = "<b>$Lang::tr{'installed updates'}</b>\n<pre>"; - $results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`; - $results .= "</pre>"; + my $filename = &downloadrulesfile(); + if (defined $filename) { + $results = "<b>$Lang::tr{'installed updates'}</b>\n<pre>"; + $results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`; + $results .= "</pre>"; + } + unlink ($filename); } - unlink ($filename); + } } + + }
$checked{'ENABLE_SNORT'}{'off'} = ''; @@ -469,16 +471,12 @@ print <<END END ;
-if ($snortsettings{'INSTALLMD5'} eq $md5) { - print " $Lang::tr{'rules already up to date'}</td>"; -} else { - if ( $snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} && $md5 eq $realmd5 ) { - $snortsettings{'INSTALLMD5'} = $realmd5; - $snortsettings{'INSTALLDATE'} = `/bin/date +'%Y-%m-%d'`; - &General::writehash("${General::swroot}/snort/settings", %snortsettings); - } - print " $Lang::tr{'updates installed'}: $snortsettings{'INSTALLDATE'}</td>"; +if ( $snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} ) { + $snortsettings{'INSTALLDATE'} = `/bin/date +'%Y-%m-%d'`; + &General::writehash("${General::swroot}/snort/settings", %snortsettings); } +print " $Lang::tr{'updates installed'}: $snortsettings{'INSTALLDATE'}</td>"; + print <<END </tr> </table> @@ -678,31 +676,6 @@ END &Header::closebigbox(); &Header::closepage();
-sub getmd5 { - # Retrieve MD5 sum from $url.md5 file - - my $md5buf; - if ($snortsettings{'RULES'} eq 'subscripted') { - $md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8_s.tar.gz.md5?oink_code..."); - } elsif ($snortsettings{'RULES'} eq 'registered') { - $md5buf = &geturl("http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz.md5?oink_code=$..."); - } else { - $md5buf = &geturl("http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rul..."); - } - - return undef unless $md5buf; - - if (0) { # 1 to debug - my $filename=''; - my $fh=''; - ($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.md5' ); - binmode ($fh); - syswrite ($fh, $md5buf->content); - close($fh); - } - - return $md5buf->content; -} sub downloadrulesfile { my $return = &geturl($url); return undef unless $return; diff --git a/src/misc-progs/syslogdctrl.c b/src/misc-progs/syslogdctrl.c index a470e47..993cc93 100644 --- a/src/misc-progs/syslogdctrl.c +++ b/src/misc-progs/syslogdctrl.c @@ -31,13 +31,14 @@ int main(void) { char buffer[STRING_SIZE], command[STRING_SIZE], hostname[STRING_SIZE]; - char varmessages[STRING_SIZE], enable_asynclog[STRING_SIZE]; + char varmessages[STRING_SIZE], asynclog[STRING_SIZE]; int config_fd,rc,fd,pid; struct stat st; struct keyvalue *kv = NULL; memset(buffer, 0, STRING_SIZE); memset(hostname, 0, STRING_SIZE); memset(varmessages, 0, STRING_SIZE); + memset(asynclog, 0, STRING_SIZE);
if (!(initsetuid())) exit(1); @@ -64,7 +65,7 @@ int main(void) exit(ERR_SETTINGS); }
- if (!findkey(kv, "ENABLE_ASYNCLOG", enable_asynclog)) + if (!findkey(kv, "ENABLE_ASYNCLOG", asynclog)) { fprintf(stderr, "Cannot read ENABLE_ASYNCLOG\n"); exit(ERR_SETTINGS); @@ -133,10 +134,10 @@ int main(void) /* Replace the logging option*/ safe_system("grep -v '/var/log/messages' < /etc/syslog.conf.new > /etc/syslog.conf.tmp && mv /etc/syslog.conf.tmp /etc/syslog.conf.new");
- if (strcmp(enable_asynclog,"on")) - snprintf(command, STRING_SIZE-1, "printf '%s -/var/log/messages' >> /etc/syslog.conf.new", varmessages ); + if (!strcmp(asynclog,"on")) + snprintf(command, STRING_SIZE - 1, "printf '%s -/var/log/messages' >> /etc/syslog.conf.new", varmessages ); else - snprintf(command, STRING_SIZE-1, "printf '%s /var/log/messages' >> /etc/syslog.conf.new", varmessages ); + snprintf(command, STRING_SIZE - 1, "printf '%s /var/log/messages' >> /etc/syslog.conf.new", varmessages );
safe_system(command);
hooks/post-receive -- IPFire 2.x development tree