3. Snort: "Update rules automatically"

Snort: "Update rules automatically"

  • S

    Upgrade rules on cron

    (3 */12 * * * root /usr/bin/nice-n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_for_rule_updates.php >> /usr/local/etc/snort/snort_update.log)

    does not work!

    I receive in /usr/local/etc/snort/snort_update.log:

    You must enter valid credentials to access this resource.

    ???

    Serg Max

    0
  • S

    Works after editing snort_check_for_rule_updates.php:

    ….
    require_once("globals.inc");                 
    / require_once("guiconfig.inc"); /          
    require_once("/usr/local/pkg/snort/snort.inc");
    ….

    All thanks!

    P.S. What for guiconfig.inc has been included?  ::)

    0
  • Rebel Alliance Developer Netgate

    If the file is meant to be accessed using the Web Interface, that include makes sure that a user is prompted for a username and password before they are allowed access to the page.

    If that script is meant to only be run from the CLI, it can have that include removed and it should be moved out of /usr/local/www - perhaps to /usr/local/bin - so that it cannot be accessed via the web without authentication. Otherwise, anyone who is allowed to hit the WebGUI port could trigger that script.

    0
  • S

    Clearly, root through cron refresh rules cannot.
    We will be refreshed therefore through webgui.

    Thanks!

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy