diff options
Diffstat (limited to 'openwrt/package/snort-wireless/patches')
-rw-r--r-- | openwrt/package/snort-wireless/patches/500-no-config-search.patch | 35 | ||||
-rw-r--r-- | openwrt/package/snort-wireless/patches/750-lightweight-config.patch | 178 |
2 files changed, 0 insertions, 213 deletions
diff --git a/openwrt/package/snort-wireless/patches/500-no-config-search.patch b/openwrt/package/snort-wireless/patches/500-no-config-search.patch deleted file mode 100644 index d674ba66a..000000000 --- a/openwrt/package/snort-wireless/patches/500-no-config-search.patch +++ /dev/null @@ -1,35 +0,0 @@ ---- snort-2.3.2-orig/src/snort.c 2005-01-13 21:36:20.000000000 +0100 -+++ snort-2.3.2-1/src/snort.c 2005-04-04 20:03:34.000000000 +0200 -@@ -1949,7 +1949,7 @@ - { - struct stat st; - int i; -- char *conf_files[]={"/etc/snort.conf", "./snort.conf", NULL}; -+ char *conf_files[]={"/etc/snort/snort.conf", NULL}; - char *fname = NULL; - char *home_dir = NULL; - char *rval = NULL; -@@ -1970,23 +1970,6 @@ - i++; - } - -- /* search for .snortrc in the HOMEDIR */ -- if(!rval) -- { -- if((home_dir = getenv("HOME"))) -- { -- /* create the full path */ -- fname = (char *)malloc(strlen(home_dir) + strlen("/.snortrc") + 1); -- if(!fname) -- FatalError("Out of memory searching for config file\n"); -- -- if(stat(fname, &st) != -1) -- rval = fname; -- else -- free(fname); -- } -- } -- - return rval; - } - diff --git a/openwrt/package/snort-wireless/patches/750-lightweight-config.patch b/openwrt/package/snort-wireless/patches/750-lightweight-config.patch deleted file mode 100644 index daea3be5a..000000000 --- a/openwrt/package/snort-wireless/patches/750-lightweight-config.patch +++ /dev/null @@ -1,178 +0,0 @@ ---- snort-wireless-2.4.3-alpha04/etc/snort.conf 2005-10-21 09:41:01.000000000 +0200 -+++ /Users/florian/telechargements/snort.conf 2005-10-30 13:20:17.000000000 +0100 -@@ -6,6 +6,7 @@ - # - ################################################### - # This file contains a sample snort configuration. -+# Most preprocessors and rules were disabled to save memory. - # You can take the following steps to create your own custom configuration: - # - # 1) Set the variables for your network -@@ -42,10 +43,10 @@ - # or you can specify the variable to be any IP address - # like this: - --var HOME_NET any -+var HOME_NET 192.168.1.0/24 - - # Set up the external network addresses as well. A good start may be "any" --var EXTERNAL_NET any -+var EXTERNAL_NET !$HOME_NET - - # Configure your wireless AP lists. This allows snort to look for attacks - # against your wireless network, such as rogue access points or adhoc wireless -@@ -137,7 +138,7 @@ - # Path to your rules files (this can be a relative path) - # Note for Windows users: You are advised to make this an absolute path, - # such as: c:\snort\rules --var RULE_PATH ../rules -+var RULE_PATH /etc/snort/rules - - # Configure the snort decoder - # ============================ -@@ -413,11 +414,11 @@ - # lots of options available here. See doc/README.http_inspect. - # unicode.map should be wherever your snort.conf lives, or given - # a full path to where snort can find it. --preprocessor http_inspect: global \ -- iis_unicode_map unicode.map 1252 -+#preprocessor http_inspect: global \ -+# iis_unicode_map unicode.map 1252 - --preprocessor http_inspect_server: server default \ -- profile all ports { 80 8080 8180 } oversize_dir_length 500 -+#preprocessor http_inspect_server: server default \ -+# profile all ports { 80 8080 8180 } oversize_dir_length 500 - - # - # Example unique server configuration -@@ -451,7 +452,7 @@ - # no_alert_incomplete - don't alert when a single segment - # exceeds the current packet size - --preprocessor rpc_decode: 111 32771 -+#preprocessor rpc_decode: 111 32771 - - # bo: Back Orifice detector - # ------------------------- -@@ -474,7 +475,7 @@ - # 3 Back Orifice Server Traffic Detected - # 4 Back Orifice Snort Buffer Attack - --preprocessor bo -+#preprocessor bo - - # telnet_decode: Telnet negotiation string normalizer - # --------------------------------------------------- -@@ -486,7 +487,7 @@ - # This preprocessor requires no arguments. - # Portscan uses Generator ID 109 and does not generate any SID currently. - --preprocessor telnet_decode -+#preprocessor telnet_decode - - # sfPortscan - # ---------- -@@ -537,9 +538,9 @@ - # are still watched as scanner hosts. The 'ignore_scanned' option is - # used to tune alerts from very active hosts such as syslog servers, etc. - # --preprocessor sfportscan: proto { all } \ -- memcap { 10000000 } \ -- sense_level { low } -+#preprocessor sfportscan: proto { all } \ -+# memcap { 10000000 } \ -+# sense_level { low } - - # arpspoof - #---------------------------------------- -@@ -814,41 +815,41 @@ - include $RULE_PATH/bad-traffic.rules - include $RULE_PATH/exploit.rules - include $RULE_PATH/scan.rules --include $RULE_PATH/finger.rules --include $RULE_PATH/ftp.rules --include $RULE_PATH/telnet.rules --include $RULE_PATH/rpc.rules --include $RULE_PATH/rservices.rules --include $RULE_PATH/dos.rules --include $RULE_PATH/ddos.rules --include $RULE_PATH/dns.rules --include $RULE_PATH/tftp.rules -- --include $RULE_PATH/web-cgi.rules --include $RULE_PATH/web-coldfusion.rules --include $RULE_PATH/web-iis.rules --include $RULE_PATH/web-frontpage.rules --include $RULE_PATH/web-misc.rules --include $RULE_PATH/web-client.rules --include $RULE_PATH/web-php.rules -- --include $RULE_PATH/sql.rules --include $RULE_PATH/x11.rules --include $RULE_PATH/icmp.rules --include $RULE_PATH/netbios.rules --include $RULE_PATH/misc.rules --include $RULE_PATH/attack-responses.rules --include $RULE_PATH/oracle.rules --include $RULE_PATH/mysql.rules --include $RULE_PATH/snmp.rules -- --include $RULE_PATH/smtp.rules --include $RULE_PATH/imap.rules --include $RULE_PATH/pop2.rules --include $RULE_PATH/pop3.rules -+#include $RULE_PATH/finger.rules -+#include $RULE_PATH/ftp.rules -+#include $RULE_PATH/telnet.rules -+#include $RULE_PATH/rpc.rules -+#include $RULE_PATH/rservices.rules -+#include $RULE_PATH/dos.rules -+#include $RULE_PATH/ddos.rules -+#include $RULE_PATH/dns.rules -+#include $RULE_PATH/tftp.rules -+ -+#include $RULE_PATH/web-cgi.rules -+#include $RULE_PATH/web-coldfusion.rules -+#include $RULE_PATH/web-iis.rules -+#include $RULE_PATH/web-frontpage.rules -+#include $RULE_PATH/web-misc.rules -+#include $RULE_PATH/web-client.rules -+#include $RULE_PATH/web-php.rules -+ -+#include $RULE_PATH/sql.rules -+#include $RULE_PATH/x11.rules -+#include $RULE_PATH/icmp.rules -+#include $RULE_PATH/netbios.rules -+#include $RULE_PATH/misc.rules -+#include $RULE_PATH/attack-responses.rules -+#include $RULE_PATH/oracle.rules -+#include $RULE_PATH/mysql.rules -+#include $RULE_PATH/snmp.rules -+ -+#include $RULE_PATH/smtp.rules -+#include $RULE_PATH/imap.rules -+#include $RULE_PATH/pop2.rules -+#include $RULE_PATH/pop3.rules - --include $RULE_PATH/nntp.rules --include $RULE_PATH/other-ids.rules -+#include $RULE_PATH/nntp.rules -+#include $RULE_PATH/other-ids.rules - # include $RULE_PATH/web-attacks.rules - # include $RULE_PATH/backdoor.rules - # include $RULE_PATH/shellcode.rules -@@ -856,11 +857,11 @@ - # include $RULE_PATH/porn.rules - # include $RULE_PATH/info.rules - # include $RULE_PATH/icmp-info.rules -- include $RULE_PATH/virus.rules -+# include $RULE_PATH/virus.rules - # include $RULE_PATH/chat.rules - # include $RULE_PATH/multimedia.rules - # include $RULE_PATH/p2p.rules --include $RULE_PATH/experimental.rules -+#include $RULE_PATH/experimental.rules - #include $RULE_PATH/wifi.rules - - # Include any thresholding or suppression commands. See threshold.conf in the |