cipherdyne.org - fwsnort.git/log

Michael Rash [Sun, 9 Jan 2011 14:54:49 +0000]

wording fix for the fwsnort-1.5 ChangeLog

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@561 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sun, 9 Jan 2011 03:14:15 +0000]

bumped software version to 1.5

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@556 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 3 Jan 2011 01:46:00 +0000]

minor date update

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@554 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 3 Jan 2011 01:45:26 +0000]

bumped version to: 1.5-pre5

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@553 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 3 Jan 2011 01:38:51 +0000]

copyright date update

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@552 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 3 Jan 2011 01:37:31 +0000]

added UPGRADE section

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@551 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 31 Dec 2010 15:50:02 +0000]

update to include information about the iptables-save format

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@550 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 31 Dec 2010 15:38:13 +0000]

minor wording update to include ip6tables policies

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@549 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 31 Dec 2010 15:37:04 +0000]

added the ability to build ip6tables policies in ip6tables-save format

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@548 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 31 Dec 2010 14:41:21 +0000]

minor update to include the GPL version number (v2) suggested by Guillermo Gomez

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@547 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 28 Dec 2010 04:13:57 +0000]

bumped to version 1.5-pre4

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@545 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sun, 26 Dec 2010 22:14:01 +0000]

- Added the --string-match-alg argument to allow the string matching
algorithm used by fwsnort to be specified from the command line. The
default algorithm is 'bm' for 'Boyer-Moore', but 'kmp' may also be
specified (short for the 'Knuth–Morris–Pratt' algorithm).

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@544 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 24 Dec 2010 04:39:52 +0000]

bumped version to 1.5-pre3

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@542 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 24 Dec 2010 04:39:26 +0000]

- Updated to the latest complete rule set from Emerging Threats (see
http://www.emergingthreats.net/).

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@541 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 24 Dec 2010 04:39:04 +0000]

updated to default to pulling Snort rules from the rules directory in --snort-rfile mode when running as root

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@540 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 24 Dec 2010 04:26:53 +0000]

bug fix to make sure to add the 'COMMIT' and '# Completed ...' lines at the end of the generated fwsnort.save file

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@539 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 24 Dec 2010 04:26:06 +0000]

updated to point to the correct Emerging Threats rule set, and added the --rules-url arg (similiar to fwsnort)

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@538 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 23 Dec 2010 04:48:24 +0000]

bumped version to: 1.5-pre2

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@536 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 23 Dec 2010 04:48:09 +0000]

- Added the --rules-url argument so that the URL for updating the
Emerging Threats rule set can be specified from the command line. The
default is:

http://rules.emergingthreats.net/open/snort-2.9.0/emerging-all.rules

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@535 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 23 Dec 2010 04:38:01 +0000]

bumped version to 1.5-pre1

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@533 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 23 Dec 2010 04:37:45 +0000]

minor comments update

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@532 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 23 Dec 2010 04:31:15 +0000]

moved to instantiate the fwsnort iptables-save policy via /etc/fwsnort/fwsnort.sh

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@531 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 14 Dec 2010 15:16:56 +0000]

- Updated to automatically check for the maximum length string that the
string match supports, and this is used to through out any Snort rules
with content matches longer than this length.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@530 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 14 Dec 2010 14:24:30 +0000]

- Updated the iptables capabilities testing routines to add and delete
testing rules to/from the custom chain 'FWS_CAP_TEST'. This maintains a
a cleaner separation between fwsnort and any existing iptables policy
even during the capabilities testing phase.
- Added the --ipt-check-capabilities argument to have fwsnort test the
capabilities of the local iptables firewall and exit.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@529 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 23 Jul 2010 01:09:19 +0000]

Major update to being moving to using the iptables-save format instead of the older
strategy to always just execute iptables commands directly.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@528 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 6 Feb 2010 03:33:39 +0000]

updated GPL license string to mention GPLv2

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@527 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 6 Feb 2010 03:33:22 +0000]

minor version fix (1.1)

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@526 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 6 Jan 2010 01:54:52 +0000]

minor update Snort -> SNORT

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@522 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 6 Jan 2010 01:36:34 +0000]

bumped version to 1.1

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@521 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 6 Jan 2010 01:29:45 +0000]

added a -6 example to the EXAMPLES section

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@520 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 5 Jan 2010 03:57:20 +0000]

bumped version to 1.1-pre3

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@518 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 5 Jan 2010 03:57:08 +0000]

added Guillermo Gomez

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@517 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 5 Jan 2010 03:51:38 +0000]

bumped version to 1.1-pre2

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@515 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 5 Jan 2010 03:39:53 +0000]

- Updated fwsnort to create logs in the /var/log/fwsnort/ directory
  instead of directly in the /var/log/ directory.  The path is controlled
  by a new variable 'LOG_FILE' in the /etc/fwsnort/fwsnort.conf file.
- Added several variables in /etc/fwsnort/fwsnort.conf to control paths
  to everything from the config file to the snort rules path.  Coupled
  with this is the ability to create variables within path components and
  fwsnort will expand them (e.g. 'CONF_DIR /etc/fwsnort;
  CONF_FILE $CONF_DIR/fwsnort.conf').
- Added --Last-cmd arg so that it is easy to rebuild the fwsnort.sh script
  with the same command line args as the previous execution.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@514 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 22 Dec 2009 02:53:12 +0000]

updated version to 1.1

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@512 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 22 Dec 2009 02:52:01 +0000]

- Added the ability to build an fwsnort policy that utilizes ip6tables
instead of iptables. This allows fwsnort filtering and altering
capabilities to apply to IPv6 traffic instead of just IPv4 traffic. To
enable ip6tables usage, use the "-6" or "--ip6tables" command line
arguments.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@511 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 21 Dec 2009 04:17:57 +0000]

- Added the --include-perl-triggers command line argument so that
translated Snort rules can easily be tested. This argument instructs
fwsnort to include 'perl -e print ... ' commands as comments in the
/etc/fwsnort/fwsnort.sh script, and these commands can be combined
with netcat to send payloads across the wire that match Snort rules.
- Minor documentation fixes.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@510 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 21 Dec 2009 03:55:01 +0000]

updated to the latest Emerging Threats rule set

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@509 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 4 Jul 2009 16:13:49 +0000]

updated to the latest Emerging Threats rule set

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@508 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 30 May 2009 21:57:28 +0000]

merged: svn merge -r 500:504 file:///home/mbr/svn/fwsnort_repos/fwsnort/branches/fwsnort-1.0.6

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@507 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 30 May 2009 02:39:38 +0000]

version 1.0.6

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@499 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 30 May 2009 02:39:14 +0000]

version 1.0.6

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@498 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 30 May 2009 02:39:00 +0000]

Added the 'BuildRequires: perl-ExtUtils-MakeMaker' statement

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@497 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 27 May 2009 21:29:48 +0000]

bumped version to fwsnort-1.0.6-pre4

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@495 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 27 May 2009 21:25:49 +0000]

- Bug fix to move the 'rawbytes' keyword to the list of keywords that are
ignored since iptables does a raw match anyway as it doesn't run any
preprocessors in the Snort sense.
- Added a small hack to choose the first port from a port list until the
iptables 'multiport' match is supported.
- Updated to consolidate spaces in hex matches in the fwsnort.sh script
since the spaces are not part of patterns to be searched anyway.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@494 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 27 May 2009 18:25:11 +0000]

minor cleanup (href->hr, aref->ar)

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@493 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 27 May 2009 17:39:49 +0000]

- Bug fix to allow case insensitive matches to work properly with the
--include-re-caseless and --exclude-re-caseless arguments.
- Added the --snort-rfile argument so that a specific Snort rules file (or
list of files separated by commas) is parsed.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@492 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 May 2009 15:20:54 +0000]

updated version to 1.0.6-pre3

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@490 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 May 2009 15:07:10 +0000]

Bug fix to allow fwsnort to properly translate snort rules that have
"content" fields with embedded escaped semicolons (e.g. "\;"). This
allows fwsnort to translate about 85 additional rules from the Emerging
Threats rule set.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@489 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 May 2009 14:49:47 +0000]

updated to the latest rule set from Emerging Threats

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@488 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 22 Apr 2009 02:26:57 +0000]

updated to version 1.0.6-pre2

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@486 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 22 Apr 2009 02:26:43 +0000]

commit | commitdiff | tree

Michael Rash [Wed, 22 Apr 2009 02:22:46 +0000]

- (Franck Joncourt) Updated fwsnort to use the "! <option> <arg>" syntax
instead of the older "<option> ! <arg>" for the iptables command line.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@484 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 31 Jan 2009 03:00:25 +0000]

bumped version to 1.0.6-pre1

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@482 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 31 Jan 2009 02:59:53 +0000]

From: Franck Joncourt <franck.mail@dthconnex.com>
Subject: [PATCH] fixes/content_length

[quote]
iptables v1.4.2: STRING too long `|7c|XML|7c
7c|if|7c|SPAN|7c|navigator|7c|CDATA|7c|http|7c|com|7c|w2k3|7c|appVersion|7c|
version|7c|nt|7c|7c|X|7c|MSIE|7c|wxp|7c|114|7c|HTML|7c|DATAFLD|7c|DATASRC|7c|
DATAFORMATAS|7c|ID|7c|while|7c|2003|7c|'
[/quote]

For the --hex-string and --string matches, if the argument exceeds 128 bytes
(iptables 1.4.2) then iptables fails as above.

Thus, this patch add a new variable in fwsnort.conf "MAX_STRING_LEN", so that
the size of the content can be limited. If the content (null terminated string)
is more than MAX_STRING_LEN chars, fwsnort throws the rule away.

Signed-off-by: Franck Joncourt <franck.mail@dthconnex.com>

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@481 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sun, 26 Oct 2008 23:03:09 +0000]

wording updates for the fwsnort(8) man page from Justin B Rye and Franck Joncourt

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@480 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 30 Sep 2008 04:11:04 +0000]

content match fix for Emerging Threats Snort rule ID 2007975 (Frank Joncourt)

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@479 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Tue, 30 Sep 2008 04:10:10 +0000]

bugfix in strict mode to use the fact that the threshold keyword is already unsupported (Franck Joncourt)

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@478 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 27 Aug 2008 02:38:43 +0000]

minor update to include download directory in status output in --update mode

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@477 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 22 Aug 2008 03:26:36 +0000]

updated to correct tar.gz path in --no-deps mode

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@476 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 22 Aug 2008 00:22:28 +0000]

version 1.0.5

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@472 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 22 Aug 2008 00:20:48 +0000]

updated release date

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@471 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 22 Aug 2008 00:20:36 +0000]

Added support for nodeps RPM's

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@470 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 14:11:19 +0000]

added download of Emerging Threats as a tarball (suggested by Franck Joncourt)

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@469 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 05:10:13 +0000]

minor dodumentation fixes

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@468 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 04:49:50 +0000]

bumped version to 1.0.5-pre4

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@466 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 04:47:59 +0000]

moved 'threshold' to the unsupported list since there will be several signatures that use this feature to detect the Dan Kaminsky DNS attack

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@465 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 04:28:36 +0000]

updated 1.0.5 release date, removed perl module path updating code

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@464 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 04:17:43 +0000]

bugfix for IPTables::ChainMgr -> IPTables::Parse

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@463 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 16 Aug 2008 01:13:14 +0000]

bumped version to 1.0.5-pre3

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@461 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 04:41:17 +0000]

added bump_version.pl file

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@460 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 04:40:55 +0000]

bugfix to exclude all directories except for the first in --update mode if multiple directories are given as a comma-separated list

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@459 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 04:35:05 +0000]

Added support for multiple Snort rule directories as a comma-separated
list for the argument to --snort-rdir.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@458 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 02:36:07 +0000]

removed old 'use lib' call since fwsnort uses the 'require' strategy now

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@457 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 01:20:27 +0000]

applied patch from Franck Joncourt to fix fwsnort man page to replace bleeding-all with emerging-all

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@456 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 01:15:30 +0000]

minor update to make sure to always return to the source directory when installing perl modules

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@455 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 01:14:31 +0000]

minor fwsnort URL fix

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@454 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 15 Aug 2008 01:14:22 +0000]

removed moddir, minor fwsnort URL fix

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@453 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 13 Aug 2008 04:17:22 +0000]

version to 1.0.5-pre2

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@451 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 13 Aug 2008 04:15:32 +0000]

updated to handle snort_rules/ directory move to deps/

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@450 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 13 Aug 2008 04:14:30 +0000]

added -nodeps patch from Franck

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@449 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 13 Aug 2008 04:14:15 +0000]

added --snort-rdir patch from Franck

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@448 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 13 Aug 2008 04:09:44 +0000]

moved snort_rules directory into deps/, switched to Emerging Threats signature set

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@447 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 13 Aug 2008 03:09:20 +0000]

removed bleeding-all.rules and added emerging-all.rules since Matt Jonkman has switched to Emerging Threats

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@446 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 9 Aug 2008 15:23:19 +0000]

chdir path bugfix

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@444 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 9 Aug 2008 15:18:59 +0000]

bumped version to 1.0.5-pre1

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@443 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 9 Aug 2008 15:14:27 +0000]

Updated to import perl modules from /usr/lib/fwsnort, but only if this
path actually exists in the filesystem. This is similar to the strategy
implemented by psad. A new variable FWSNORT_LIBS_DIR was added to the
fwsnort.conf to support this.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@442 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 9 Aug 2008 15:12:49 +0000]

added dependencies discussion

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@441 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 9 Aug 2008 15:09:41 +0000]

update for Franck

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@440 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sat, 9 Aug 2008 15:05:50 +0000]

minor bugfix to include missed skip_module_install var

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@439 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 7 Aug 2008 09:17:04 +0000]

added fwsnort-nodeps.spec file, updated fwsnort.spec to handle deps/ directory

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@438 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Thu, 7 Aug 2008 09:07:10 +0000]

moved IPTables-Parse and Net-IPv4Addr to the deps/ directory

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@437 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 6 Aug 2008 08:13:49 +0000]

added code to handle new deps/ directory

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@436 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 6 Aug 2008 08:11:53 +0000]

minor update to include contributors

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@435 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 6 Aug 2008 08:10:41 +0000]

added deps/ directory

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@434 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Fri, 20 Jun 2008 03:51:04 +0000]

Franck Joncourt
- Submitted patch to fix double dash format in fwsnort man page.

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@433 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Mon, 18 Feb 2008 02:36:18 +0000]

minor contributor update

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@432 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sun, 17 Feb 2008 06:05:01 +0000]

minor usage update

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@431 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Sun, 17 Feb 2008 06:04:04 +0000]

minor usage update

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@430 af5c991a-1414-0410-86ad-c3437102cd4a

commit | commitdiff | tree

Michael Rash [Wed, 23 Jan 2008 03:32:53 +0000]

version 1.0.4

git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@425 af5c991a-1414-0410-86ad-c3437102cd4a

fwsnort: Application Layer IDS/IPS with iptables

RSS Atom