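/**
 * Build the status stanza(s) for the Snort IDS service.
 *
 * Reads the "EnableSnort" and "SnortNics" settings through
 * $GLOBALS["CLASS_SOCKETS"]->GET_INFO(). When Snort is disabled (or no
 * interface is configured) a single [APP_SNORT] stanza is produced; otherwise
 * one [APP_SNORT:<nic>] stanza per configured interface, each carrying the
 * running state derived from /var/run/snort_<nic>.pid.
 *
 * @return string|null Newline-joined stanza text, or null when Snort is not
 *                     installed or its binary cannot be located.
 */
function snort(){
	if(!$GLOBALS["CLASS_USERS"]->SNORT_INSTALLED){
		if($GLOBALS["VERBOSE"]){echo "SNORT_INSTALLED FALSE\n";}
		return;
	}

	$EnableSnort=$GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableSnort");
	if(!is_numeric($EnableSnort)){$EnableSnort=0;}

	// NOTE(review): unserialize() on a stored setting is an object-injection
	// sink if anything less trusted than this daemon can write "SnortNics".
	// Prefer JSON for this setting, or pass array('allowed_classes'=>false)
	// once PHP 7+ is the minimum; confirm who is able to write the value.
	$rawNics=base64_decode((string)$GLOBALS["CLASS_SOCKETS"]->GET_INFO("SnortNics"));
	$snortInterfaces=($rawNics===false || $rawNics==='') ? false : unserialize($rawNics);
	// An unset or corrupt setting yields false; count(false) raises a
	// TypeError on PHP 8, so treat anything that is not an array as "no NICs".
	if(!is_array($snortInterfaces)){$snortInterfaces=array();}
	if(count($snortInterfaces)==0){$EnableSnort=0;}

	$binpath=$GLOBALS["CLASS_UNIX"]->find_program('snort');
	if($binpath==null){
		if($GLOBALS["VERBOSE"]){echo "snort no such binary.\n";}
		return;
	}

	$l=array();

	if($EnableSnort==0){
		$l[]="[APP_SNORT]";
		$l[]="service_name=APP_SNORT";
		$l[]="service_cmd=snort";
		$l[]="master_version="._snort_version();
		$l[]="service_disabled=$EnableSnort";
		$l[]="family=network";
		$l[]="watchdog_features=1";
		return implode("\n",$l);
	}

	// each() was removed in PHP 8; foreach walks the same key/value pairs.
	foreach($snortInterfaces as $eth=>$ligne){
		$l[]="[APP_SNORT:$eth]";
		$l[]="service_name=APP_SNORT";
		$l[]="service_cmd=snort";
		$l[]="master_version="._snort_version();
		$l[]="service_disabled=$EnableSnort";
		$l[]="family=network";
		$l[]="watchdog_features=1";

		// NOTE(review): $eth is a key of the stored SnortNics array and is
		// interpolated into a filesystem path; confirm it is validated as an
		// interface name where the setting is written.
		$pidpath="/var/run/snort_$eth.pid";
		$master_pid=$GLOBALS["CLASS_UNIX"]->get_pid_from_file($pidpath);

		if(!$GLOBALS["CLASS_UNIX"]->process_exists($master_pid)){
			// No live process behind the pid file: report it to WATCHDOG().
			WATCHDOG("APP_SNORT (Nic:$eth)","snort");
			$l[]="running=0\ninstalled=1";
			$l[]="";
		}else{
			$l[]="running=1";
			$l[]=GetMemoriesOf($master_pid);
			$l[]="";
		}
	}

	return implode("\n",$l);
}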
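/**
 * Build the status stanza(s) for the Snort IDS service and, when Snort is
 * disabled, stop any Snort process that is still running.
 *
 * Reads the "EnableSnort" and "SnortNics" settings through
 * $GLOBALS["CLASS_SOCKETS"]->GET_INFO(). When Snort is disabled (or no
 * interface is configured) a single [APP_SNORT] stanza is produced; otherwise
 * one [APP_SNORT:<nic>] stanza per configured interface, each carrying the
 * running state derived from /var/run/snort_<nic>.pid.
 *
 * @return string|null Newline-joined stanza text, or null when Snort is not
 *                     installed or its binary cannot be located.
 */
function snort()
{
    if (!$GLOBALS["CLASS_USERS"]->SNORT_INSTALLED) {
        if ($GLOBALS["VERBOSE"]) {
            echo "SNORT_INSTALLED FALSE\n";
        }
        return;
    }

    $EnableSnort = $GLOBALS["CLASS_SOCKETS"]->GET_INFO("EnableSnort");
    if ($GLOBALS["VERBOSE"]) {
        echo "EnableSnort = {$EnableSnort}\n";
    }
    if (!is_numeric($EnableSnort)) {
        $EnableSnort = 0;
    }

    // NOTE(review): unserialize() on a stored setting is an object-injection
    // sink if anything less trusted than this daemon can write "SnortNics".
    // Prefer JSON for this setting, or pass array('allowed_classes' => false)
    // once PHP 7+ is the minimum; confirm who is able to write the value.
    $rawNics = base64_decode((string) $GLOBALS["CLASS_SOCKETS"]->GET_INFO("SnortNics"));
    $snortInterfaces = ($rawNics === false || $rawNics === '') ? false : unserialize($rawNics);
    // An unset or corrupt setting yields false; count(false) raises a
    // TypeError on PHP 8, so treat anything that is not an array as "no NICs".
    if (!is_array($snortInterfaces)) {
        $snortInterfaces = array();
    }
    if (count($snortInterfaces) == 0) {
        $EnableSnort = 0;
    }

    $binpath = $GLOBALS["CLASS_UNIX"]->find_program('snort');
    if ($binpath == null) {
        if ($GLOBALS["VERBOSE"]) {
            echo "snort no such binary.\n";
        }
        return;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "EnableSnort = {$EnableSnort}\n";
    }

    $l = array();

    if ($EnableSnort == 0) {
        // empty() keeps the original truthiness test without a notice when
        // the DISABLE_WATCHDOG global was never set.
        if (empty($GLOBALS["DISABLE_WATCHDOG"])) {
            $cz = 0;
            // NOTE(review): $kill is never used below; the lookup is kept only
            // in case find_program() has side effects - confirm and drop.
            $kill = $GLOBALS["CLASS_UNIX"]->find_program('kill');
            if ($GLOBALS["VERBOSE"]) {
                echo "{$binpath} = PID?\n";
            }
            $pid = $GLOBALS["CLASS_UNIX"]->PIDOF($binpath, true);
            // Bounded loop: every kill is recorded as an admin event, and the
            // counter stops the loop if the process keeps coming back.
            // NOTE(review): the "> 50" floor presumably avoids acting on
            // low-numbered system PIDs - confirm the intent.
            while ($pid > 50) {
                $cz++;
                system_admin_events("Snort pid {$pid} was killed, it is not enabled", __FUNCTION__, __FILE__, __LINE__, "watchdog");
                unix_system_kill_force($pid);
                $pid = $GLOBALS["CLASS_UNIX"]->PIDOF($binpath, true);
                if ($cz > 10) {
                    system_admin_events("Break loop after 10 attempts...", __FUNCTION__, __FILE__, __LINE__, "watchdog");
                    break;
                }
                sleep(1);
            }
        }

        $l[] = "[APP_SNORT]";
        $l[] = "service_name=APP_SNORT";
        $l[] = "service_cmd=snort";
        $l[] = "master_version=" . _snort_version();
        $l[] = "service_disabled={$EnableSnort}";
        $l[] = "family=network";
        $l[] = "watchdog_features=1";
        return implode("\n", $l);
    }

    // each() was removed in PHP 8; foreach walks the same key/value pairs.
    foreach ($snortInterfaces as $eth => $ligne) {
        $l[] = "[APP_SNORT:{$eth}]";
        $l[] = "service_name=APP_SNORT";
        $l[] = "service_cmd=snort";
        $l[] = "master_version=" . _snort_version();
        $l[] = "service_disabled={$EnableSnort}";
        $l[] = "family=network";
        $l[] = "watchdog_features=1";

        // NOTE(review): $eth is a key of the stored SnortNics array and is
        // interpolated into a filesystem path; confirm it is validated as an
        // interface name where the setting is written.
        $pidpath = "/var/run/snort_{$eth}.pid";
        $master_pid = $GLOBALS["CLASS_UNIX"]->get_pid_from_file($pidpath);

        if (!$GLOBALS["CLASS_UNIX"]->process_exists($master_pid)) {
            // No live process behind the pid file: report it to WATCHDOG().
            WATCHDOG("APP_SNORT (Nic:{$eth})", "snort");
            $l[] = "running=0\ninstalled=1";
            $l[] = "";
        } else {
            $l[] = "running=1";
            $l[] = GetMemoriesOf($master_pid);
            $l[] = "";
        }
    }

    return implode("\n", $l);
}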