authorrobiscool <robrob2626@yahoo.com>2010-03-31 04:04:56 -0700
committerrobiscool <robrob2626@yahoo.com>2010-03-31 04:05:33 -0700
commit09d8b2fd5028ce1b58ecafc57c11e8336db2a5ae (patch)
tree203455f0dbfc8b14e464b66b4c474e8b9dd93f75
parent8e97b1d4fff0b09864e53f18ed6da606f0aca148 (diff)
snort-dev, final test
-rw-r--r--config/snort-dev/images/icon_excli.pngbin0 -> 5280 bytes
-rw-r--r--config/snort-dev/snort.inc41
-rw-r--r--config/snort-dev/snort_barnyard.php66
-rw-r--r--config/snort-dev/snort_define_servers.php72
-rw-r--r--config/snort-dev/snort_download_rules.php33
-rw-r--r--[-rwxr-xr-x]config/snort-dev/snort_fbegin.inc0
-rw-r--r--config/snort-dev/snort_gui.inc4
-rw-r--r--config/snort-dev/snort_help_info.php86
-rw-r--r--config/snort-dev/snort_interfaces.php106
-rw-r--r--config/snort-dev/snort_interfaces_edit.php133
-rw-r--r--config/snort-dev/snort_interfaces_global.php6
-rw-r--r--config/snort-dev/snort_preprocessors.php66
-rw-r--r--config/snort-dev/snort_rulesets.php62
13 files changed, 529 insertions, 146 deletions
diff --git a/config/snort-dev/images/icon_excli.png b/config/snort-dev/images/icon_excli.png
new file mode 100644
index 00000000..4b54fa31
--- /dev/null
+++ b/config/snort-dev/images/icon_excli.png
Binary files differ
diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc
index b6012e51..cd8ba9a2 100644
--- a/config/snort-dev/snort.inc
+++ b/config/snort-dev/snort.inc
@@ -58,19 +58,23 @@ if ($pfsense_ver_chk == '1.2.3-RELEASE')
}
if(snort_up_ck != ''){
-
- $snort_up_pre = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}_{$if_real}\" | awk '{print \$1;}'");
- $snort_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$snort_up_pre} | /usr/bin/awk '{print \$1;}'");
- $snort_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$snort_up_pre} | /usr/bin/awk '{print \$1;}'");
- if ($snort_up_s != '' || $snort_up_r != '') {
- $snort_up = 'yes';
+ //$snort_up_pre = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}_{$if_real}\" | awk '{print \$1;}'");
+ //$snort_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$snort_up_pre} | /usr/bin/awk '{print \$1;}'");
+ //$snort_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$snort_up_pre} | /usr/bin/awk '{print \$1;}'");
+
+ /* use ob_clean to clear output buffer, this code needs to be watched */
+ ob_clean();
+ $snort_up_prell = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}_{$if_real}\" | awk '{print \$1;}'", $retval);
+
+ if ($snort_up_prell != "") {
+ $snort_uph = 'yes';
}else{
- $snort_up = 'no';
+ $snort_uph = 'no';
}
}
- return $snort_up;
+ return $snort_uph;
}
/* checks to see if barnyard2 is running yes/no */
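Review bot: `$snort_uuid` and `$if_real` are interpolated straight into the shell pipeline passed to `exec()`, here and in the barnyard2 check in the next hunk. Their origin is not visible in these hunks, so if either can come from a request or an imported config, build the pattern in PHP and pass it as `'grep -F ' . escapeshellarg("R {$snort_uuid}_{$if_real}")`. The second argument of `exec()` receives the output lines, not the exit status, so `$retval` is misnamed and never read. `ob_clean()` throws away whatever the page had already buffered, and the comment should say which stray output it is meant to drop. The enclosing function starts outside the hunk.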
@@ -86,11 +90,15 @@ if ($pfsense_ver_chk == '1.2.3-RELEASE')
if(snort_up_ck_b != ''){
+ //$snort_up_pre_b = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"f snort_{$snort_uuid}_{$if_real}.u2\" | awk '{print \$1;}'");
+ //$snort_up_s_b = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$snort_up_pre_b} | /usr/bin/awk '{print \$1;}'");
+ //$snort_up_r_b = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$snort_up_pre_b} | /usr/bin/awk '{print \$1;}'");
+
+ /* use ob_clean to clear output buffer, this code needs to be watched */
+ ob_clean();
$snort_up_pre_b = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"f snort_{$snort_uuid}_{$if_real}.u2\" | awk '{print \$1;}'");
- $snort_up_s_b = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$snort_up_pre_b} | /usr/bin/awk '{print \$1;}'");
- $snort_up_r_b = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$snort_up_pre_b} | /usr/bin/awk '{print \$1;}'");
- if ($snort_up_s_b != '' || $snort_up_r != '') {
+ if ($snort_up_pre_b != '') {
$snort_up_b = 'yes';
}else{
$snort_up_b = 'no';
@@ -288,6 +296,7 @@ function snort_postinstall()
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/logo.jpg');
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/footer.jpg');
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/footer2.jpg');
+ exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/icon_excli.png');
chdir ("/usr/local/www/snort/javascript/");
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/javascript/jquery.blockUI.js');
exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/javascript/jquery-1.3.2.js');
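Review bot: The added fetch for `icon_excli.png` follows the surrounding pattern of pulling web-root assets over plain HTTP with the exit status ignored, so a failed or altered download goes unnoticed at install time. Consider capturing the return code through the third argument of `exec()` and calling `log_error()` when it is non-zero. Whether a TLS or checksummed source exists for these files is not visible here. `snort_postinstall()` continues outside the hunk.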
@@ -592,7 +601,6 @@ $snort_dir_filter_search_result = array_diff($snort_dir_filter, $snort_rules_lis
foreach ($snort_dir_filter_search_result as $value)
{
exec("rm -r /usr/local/etc/snort/$value");
- exec("echo \"rm -r /usr/local/etc/snort/$value\" >> /root/test.log");
}
}
@@ -661,7 +669,6 @@ if ($id != '' && $if_real != '') //new
sync_snort_package();
- exec("echo \"Funtion sync all $id $if_real $snort_uuid....\" >> /root/test.log");
conf_mount_ro();
}
}
@@ -1062,8 +1069,6 @@ function snort_deinstall()
global $config, $g, $id, $if_real;
conf_mount_rw();
-exec("echo \"Snort Deinstall $if_real $id....\" >> /root/test.log");
-
/* remove custom sysctl */
remove_text_from_file("/etc/sysctl.conf", "sysctl net.bpf.bufsize=20480");
/* decrease bpf buffers back to 4096, from 20480 */
@@ -1092,8 +1097,6 @@ function snort_rm_blocked_deinstall_cron($should_install)
global $config, $g;
conf_mount_rw();
-exec("echo \"Deinstall cron block....\" >> /root/test.log");
-
$is_installed = false;
if(!$config['cron']['item'])
@@ -1131,8 +1134,6 @@ exec("echo \"Deinstall cron block....\" >> /root/test.log");
{
global $config, $g;
conf_mount_rw();
-
-exec("echo \"Deinstall rules up ....\" >> /root/test.log");
$is_installed = false;
@@ -1170,6 +1171,7 @@ snort_rules_up_deinstall_cron("");
exec("rm -r /usr/local/www/snort");
exec("rm -r /usr/local/pkg/snort");
exec("rm -r /usr/local/lib/snort/");
+ exec("rm -r /var/log/snort/");
conf_mount_ro();
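Review bot: The added `exec("rm -r /var/log/snort/");` deletes the sensor's log directory on deinstall with no confirmation or archive step, so any alert history an operator still needs for an investigation is lost when the package is removed. If removal is intended, document it next to the line, for example `/* deinstall also removes alert logs; export them first if they must be retained */`. Without `-f` the command also fails when the directory is already gone, and the result is never checked. The enclosing function starts outside the hunk.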
@@ -2103,7 +2105,6 @@ function check_for_common_errors($filename) {
hide_progress_bar_status();
} else {
log_error("An error occured. Scroll down to inspect it's contents.");
- echo "An error occured. Scroll down to inspect it's contents.";
}
if(!$console_mode) {
update_output_window(strip_tags("$contents"));
diff --git a/config/snort-dev/snort_barnyard.php b/config/snort-dev/snort_barnyard.php
index 8189e414..b8f05c47 100644
--- a/config/snort-dev/snort_barnyard.php
+++ b/config/snort-dev/snort_barnyard.php
@@ -41,6 +41,7 @@ Important add error checking
require_once("globals.inc");
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
$config['installedpackages']['snortglobal']['rule'] = array();
@@ -130,7 +131,28 @@ if (isset($_GET['dup']))
$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']);
$snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid'];
-if ($_POST) {
+
+ /* alert file */
+$d_snortconfdirty_path = "/var/run/snort_conf_{$snort_uuid}_{$if_real}.dirty";
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists($d_snortconfdirty_path)) {
+
+ write_config();
+
+ sync_snort_package_all();
+ sync_snort_package();
+
+ unlink($d_snortconfdirty_path);
+
+ }
+
+ }
+
+
+ if ($_POST["Submit"]) {
/* check for overlaps */
foreach ($a_nat as $natent) {
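Review bot: The new `apply` branch tests `$_POST['apply']` without `isset()`, and runs `write_config()` and both sync functions for any POST that carries that field. No anti-forgery token check is visible in this hunk, so confirm that the included GUI framework supplies one before relying on this handler. `$d_snortconfdirty_path` is built from `$snort_uuid` and `$if_real`, and when `$id` does not match a configured rule both are presumably empty, giving `/var/run/snort_conf__.dirty`; a guard such as `if ($snort_uuid != '' && $if_real != '')` around the block would avoid touching that path. The same handler is copied into snort_define_servers.php, snort_preprocessors.php and snort_interfaces_edit.php, so a shared function in snort_gui.inc would keep the copies aligned. The `if ($_POST["Submit"])` body continues outside the hunk.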
@@ -215,13 +237,16 @@ if ($_POST) {
$a_nat[] = $natent;
}
- /* enable this if you want the user to aprove changes */
- // touch($d_natconfdirty_path);
- sync_snort_package_all();
-
write_config();
/* after click go to this page */
+ touch($d_snortconfdirty_path);
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ sleep(2);
header("Location: snort_barnyard.php?id=$id");
exit;
}
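Review bot: `sleep(2);` stalls every save request for two seconds before the redirect, and nothing in the hunk says what it waits for. The five cache headers are also pasted verbatim here and again in snort_define_servers.php, snort_interfaces.php (two places) and snort_preprocessors.php. A single helper in snort_gui.inc that sends the headers, with a comment explaining the delay or with the delay removed, would replace all of those copies. The surrounding `if` block starts outside the hunk.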
@@ -272,9 +297,34 @@ echo "
//-->
</script>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
<form action="snort_barnyard.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
+
+<?php
+
+ /* Display Alert message */
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ if (file_exists($d_snortconfdirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabnavtbl">
<?php
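Review bot: When `$savemsg` is set and the dirty file exists, the message is rendered twice, once by `print_info_box2($savemsg)` and again by `print_info_box_np2("{$savemsg}")`, and in that case the "must apply" text is not shown at all. Making the second block unconditional on the fixed "configuration has changed" text would fix both. The `echo '<p>';` is never closed. The source of `$savemsg` is not visible here; if it can carry request data, it should pass through `htmlspecialchars()` before being printed. The same display block is repeated in snort_define_servers.php, snort_interfaces.php, snort_interfaces_edit.php and snort_preprocessors.php.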
@@ -365,7 +415,7 @@ if($id != "")
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%">
- <input name="Submit" type="submit" class="formbtn" value="Save"> <input name="Submit2" type="submit" class="formbtn" value="Start" onClick="enable_change(true)"> <input type="button" class="formbtn" value="Cancel" onclick="history.back()">
+ <input name="Submit" type="submit" class="formbtn" value="Save"><input type="button" class="formbtn" value="Cancel" onclick="history.back()">
<?php if (isset($id) && $a_nat[$id]): ?>
<input name="id" type="hidden" value="<?=$id;?>">
<?php endif; ?>
diff --git a/config/snort-dev/snort_define_servers.php b/config/snort-dev/snort_define_servers.php
index 2d1f1f1d..dfda630b 100644
--- a/config/snort-dev/snort_define_servers.php
+++ b/config/snort-dev/snort_define_servers.php
@@ -41,10 +41,12 @@ Important add error checking
require_once("globals.inc");
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
$config['installedpackages']['snortglobal']['rule'] = array();
}
+
//nat_rules_sort();
$a_nat = &$config['installedpackages']['snortglobal']['rule'];
@@ -57,6 +59,7 @@ if (isset($_GET['dup'])) {
$after = $_GET['dup'];
}
+
if (isset($id) && $a_nat[$id]) {
/* old options */
@@ -125,7 +128,8 @@ if (isset($_GET['dup']))
/* convert fake interfaces to real */
$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']);
-if ($_POST) {
+
+ if ($_POST["Submit"]) {
/* check for overlaps */
@@ -204,18 +208,45 @@ if ($_POST) {
$a_nat[] = $natent;
}
- /* enable this if you want the user to aprove changes */
- // touch($d_natconfdirty_path);
- sync_snort_package_all();
-
write_config();
/* after click go to this page */
+
+ touch($d_snortconfdirty_path);
+
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ sleep(2);
+
header("Location: snort_define_servers.php?id=$id");
+
exit;
}
}
+
+ /* alert file */
+$d_snortconfdirty_path = "/var/run/snort_conf_{$pconfig['uuid']}_{$if_real}.dirty";
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists($d_snortconfdirty_path)) {
+
+ write_config();
+
+ sync_snort_package_all();
+ sync_snort_package();
+
+ unlink($d_snortconfdirty_path);
+
+ }
+
+ }
+
$pgtitle = "Snort: Interface $id$if_real Define Servers";
include("head.inc");
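Review bot: `touch($d_snortconfdirty_path);` inside the `Submit` branch runs before `$d_snortconfdirty_path` is assigned, because the assignment sits below the branch, which ends in `exit;`. Unless the variable is set earlier in the file, outside this hunk, the flag file is never created on this page and the apply prompt never appears after a save. Move `$d_snortconfdirty_path = "/var/run/snort_conf_{$pconfig['uuid']}_{$if_real}.dirty";` above `if ($_POST["Submit"])`, as snort_barnyard.php and snort_preprocessors.php do. The `Submit` branch starts outside the hunk.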
@@ -241,9 +272,36 @@ padding: 15px 10px 85% 50px;
<noscript><div class="alert" ALIGN=CENTER><img src="/themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
+
<form action="snort_define_servers.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
+
+<?php
+
+ /* Display message */
+
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ if (file_exists($d_snortconfdirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabnavtbl">
<?php
diff --git a/config/snort-dev/snort_download_rules.php b/config/snort-dev/snort_download_rules.php
index dd2a22e8..b2bcb748 100644
--- a/config/snort-dev/snort_download_rules.php
+++ b/config/snort-dev/snort_download_rules.php
@@ -75,8 +75,15 @@ $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'
$if_mrule_dir = "/usr/local/etc/snort/rules";
$mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full';
+
+if (file_exists('/var/run/snort.conf.dirty')) {
+ $snort_dirty_d = 'stop';
+}
+
+
+
/* If no id show the user a button */
-if ($id_d == "" || $snort_emrging_info == "stop" || $snort_oinkid_info == "stop") {
+if ($id_d == "" || $snort_emrging_info == "stop" || $snort_oinkid_info == "stop" || $snort_dirty_d == 'stop') {
$pgtitle = "Services: Snort: Rule Updates";
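Review bot: The check looks for `/var/run/snort.conf.dirty`, but the flag files this commit creates are named `/var/run/snort_conf_{uuid}_{if}.dirty` and `/var/run/snort_conf_delete.dirty`. No visible hunk creates the dotted name, so the "changes have not been applied" gate would apparently never trigger. Matching the pattern used in snort_interfaces.php, for example `if (glob('/var/run/snort_conf_*.dirty'))`, would line the two up. `$snort_dirty_d` is also left undefined when the file is absent; initialise it with `$snort_dirty_d = '';` before the test.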
@@ -85,6 +92,27 @@ include("./snort_fbegin.inc");
echo "<p class=\"pgtitle\">";
if($pfsense_stable == 'yes'){echo $pgtitle;}
echo "</p>\n";
+
+ echo "<table height=\"32\" width=\"100%\">\n";
+ echo " <tr>\n";
+ echo " <td>\n";
+ echo " <div style='background-color:#E0E0E0' id='redbox'>\n";
+ echo " <table width='100%'><tr><td width='8%'>\n";
+ echo " &nbsp;&nbsp;&nbsp;<img style='vertical-align:middle' src=\"/snort/images/icon_excli.png\" width=\"40\" height=\"32\">\n";
+ echo " </td>\n";
+ echo " <td width='70%'><font color='#FF850A'><b>NOTE:</b></font><font color='#000000'>&nbsp;&nbsp;Snort.org and Emergingthreats.net will go down from time to time. Please be patient.</font>\n";
+ echo " </td>";
+ echo " </tr></table>\n";
+ echo " </div>\n";
+ echo " </td>\n";
+ echo "</table>\n";
+ echo "<script type=\"text/javascript\">\n";
+ echo "NiftyCheck();\n";
+ echo "Rounded(\"div#redbox\",\"all\",\"#FFF\",\"#E0E0E0\",\"smooth\");\n";
+ echo "Rounded(\"td#blackbox\",\"all\",\"#FFF\",\"#000000\",\"smooth\");\n";
+ echo "</script>\n";
+ echo "\n<br>\n";
+
/* make sure user has javascript on */
echo "<style type=\"text/css\">
.alert {
@@ -146,6 +174,9 @@ if ($snort_oinkid_info == "stop") {
echo "<span class=\"red\"><strong>WARNING:</strong></span> &nbsp;&nbsp;Click on the <strong>\"Global Settings\"</strong> tab and enter a <strong>oinkmaster</strong> code. <br><br> \n";
}
+if ($snort_dirty_d == "stop") {
+echo "<span class=\"red\"><strong>WARNING:</span> CHANGES HAVE NOT BEEN APPLIED</strong> &nbsp;&nbsp;Click on the <strong>\"Apply Settings\"</strong> button at the main interface tab.<br><br> \n";
+}
echo " </td>\n
</tr>\n
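Review bot: The new warning line closes its tags out of order: `<span class="red"><strong>WARNING:</span> ... </strong>` ends the span while the strong element is still open. Writing it as `<span class="red"><strong>WARNING:</strong></span> <strong>CHANGES HAVE NOT BEEN APPLIED</strong>` matches the oinkmaster warning just above it. The message names an "Apply Settings" button, so check that this label matches what the interfaces tab actually renders.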
diff --git a/config/snort-dev/snort_fbegin.inc b/config/snort-dev/snort_fbegin.inc
index b8faff09..b8faff09 100755..100644
--- a/config/snort-dev/snort_fbegin.inc
+++ b/config/snort-dev/snort_fbegin.inc
diff --git a/config/snort-dev/snort_gui.inc b/config/snort-dev/snort_gui.inc
index c485d1ac..95a0e597 100644
--- a/config/snort-dev/snort_gui.inc
+++ b/config/snort-dev/snort_gui.inc
@@ -59,10 +59,8 @@ function print_info_box_np2($msg) {
echo "</script>\n";
echo "\n<br>\n";
- exec("echo \"Funtion print info ....\" >> /root/test.log");
-
}
-?> \ No newline at end of file
+?>
diff --git a/config/snort-dev/snort_help_info.php b/config/snort-dev/snort_help_info.php
index c3724b44..5355ec77 100644
--- a/config/snort-dev/snort_help_info.php
+++ b/config/snort-dev/snort_help_info.php
@@ -33,6 +33,7 @@
*/
require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
header("snort_help_info.php");
header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" );
@@ -92,15 +93,92 @@ clear: both;
</td>
</tr>
</table>
+
+<?php
+/* TODO: remove when 2.0 stable */
+if ($pfsense_stable == 'yes') {
+
+$footer2 = "
+
+<style type=\"text/css\">
+
+#footer2
+{
+ position: relative;
+ top: 27px;
+ background-color: #cccccc;
+ background-image: none;
+ background-repeat: repeat;
+ background-attachment: scroll;
+ background-position: 0% 0%;
+ width: 810px;
+ right: 15px;
+ font-size: 0.8em;
+ text-align: center;
+ padding-top: 0px;
+ padding-right: 0px;
+ padding-bottom: 0px;
+ padding-left: 0px;
+ clear: both;
+}
+
+</style>
+
+ <div id=\"footer2\">
+ <IMG SRC=\"./images/footer2.jpg\" width=\"800px\" height=\"35\" ALT=\"Apps\">
+ Snort is a registered trademark of Sourcefire, Inc, Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya,
+ Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com
+ </div>\n";
+}
+
+if ($pfsense_stable != 'yes') {
+$footer3 = "
+
+<style type=\"text/css\">
+
+#footer3
+{
+
+top: 105px;
+position: relative;
+background-color: #FFFFFF;
+background-image: url(\"./images/footer2.jpg\");
+background-repeat: no-repeat;
+background-attachment: scroll;
+background-position: 0px 0px;
+bottom: 0px;
+width: 770px;
+height: 35px;
+color: #000000;
+text-align: center;
+font-size: 0.8em;
+padding-top: 35px;
+padding-left: 0px;
+clear: both;
+
+}
+
+</style>
+
+ <div id=\"footer3\">
+ Snort is a registered trademark of Sourcefire, Inc, Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya,
+ Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com
+ </div>\n";
+}
+?>
+
+
<div>
<iframe style="width: 780px; height: 600px; overflow-x: hidden;" src='/snort/help_and_info.php'></iframe>
</div>
- <div id="footer2">
- Snort is a registered trademark of Sourcefire, Inc., Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya,
- Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com.
- </div>
+
+<?php echo $footer2;?>
+
</div>
</div>
+
+<?php //echo $footer3;?>
+
<div id="footer">
<a target="_blank" href="http://www.pfsense.org/?gui12" class="redlnk">pfSense</a> is &copy;
2004 - 2009 by <a href="http://www.bsdperimeter.com" class="tblnk">BSD Perimeter LLC</a>. All Rights Reserved.
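Review bot: `$footer2` is assigned only when `$pfsense_stable == 'yes'`, but `<?php echo $footer2;?>` runs unconditionally, so on other builds it echoes an undefined variable and the trademark footer disappears from the page. `$footer3` is built for that case, but its echo is commented out. Either initialise both to `''` before the two `if` blocks or collapse them into one `if`/`else` that fills a single `$footer` variable. The near-identical CSS bodies could live in the page's existing style block rather than inside PHP strings.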
diff --git a/config/snort-dev/snort_interfaces.php b/config/snort-dev/snort_interfaces.php
index 44e8aa3d..b2f72aad 100644
--- a/config/snort-dev/snort_interfaces.php
+++ b/config/snort-dev/snort_interfaces.php
@@ -50,40 +50,38 @@ $id_gen = count($config['installedpackages']['snortglobal']['rule']);
$id_gen = '0';
}
-/* if a custom message has been passed along, lets process it */
-if ($_GET['savemsg'])
- $savemsg = $_GET['savemsg'];
-
-if ($_POST) {
-
- $pconfig = $_POST;
+/* alert file */
+$d_snortconfdirty_path_ls = exec('/bin/ls /var/run/snort_conf_*.dirty');
+
+ /* this will exec when alert says apply */
if ($_POST['apply']) {
-
- write_config();
-
- $retval = 0;
-
- if(stristr($retval, "error") <> true)
- $savemsg = get_std_save_message($retval);
- else
- $savemsg = $retval;
-
- unlink_if_exists("/tmp/config.cache");
- $retval |= filter_configure();
-
- if ($retval == 0) {
- if (file_exists($d_natconfdirty_path))
- unlink($d_natconfdirty_path);
- if (file_exists($d_filterconfdirty_path))
- unlink($d_filterconfdirty_path);
+
+ if ($d_snortconfdirty_path_ls != '') {
+
+ write_config();
+
+ sync_snort_package_empty();
+ sync_snort_package();
+
+ exec('/bin/rm /var/run/snort_conf_*.dirty');
+
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ sleep(2);
+ header("Location: /snort/snort_interfaces.php");
+
+ exit;
+
}
-
- exec("echo \"Sync Empty on POST on interfaces.php....\" >> /root/test.log");
-
+
}
-}
-
+
+
+
if (isset($_POST['del_x'])) {
/* delete selected rules */
if (is_array($_POST['rule']) && count($_POST['rule'])) {
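Review bot: Listing and deleting the flag files by shelling out to `/bin/ls` and `/bin/rm` with a wildcard is heavier than needed, and `ls` writes an error to stderr on every page load when nothing matches. `$dirty_flags = glob('/var/run/snort_conf_*.dirty');` followed by `array_map('unlink', $dirty_flags);` does the same in PHP. The later display test would then become `if (!empty($dirty_flags))`. The apply branch also tests `$_POST['apply']` without `isset()`, and no request-forgery check is visible in the hunk.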
@@ -162,14 +160,21 @@ if (isset($_POST['del_x'])) {
unset($a_nat[$rulei]);
}
- exec("echo \"Removing old files ....\" >> /root/test.log");
conf_mount_rw();
exec("/bin/rm /var/log/snort/snort.u2_{$snort_uuid}_{$if_real}*");
exec("/bin/rm -r /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}");
conf_mount_ro();
write_config();
- //touch($d_natconfdirty_path);
+
+ touch("/var/run/snort_conf_delete.dirty");
+
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ sleep(2);
header("Location: /snort/snort_interfaces.php");
exit;
}
@@ -272,19 +277,40 @@ padding: 15px 10px 50% 50px;
<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
<form action="/snort/snort_interfaces.php" method="post" name="iform">
-<?php if (file_exists($d_natconfdirty_path)): ?><p>
+
<?php
- if($savemsg)
- print_info_box_np2("{$savemsg}<br>The Snort configuration has been changed.<br>You must apply the changes in order for them to take effect.");
- else
- print_info_box_np2("The Snort configuration has been changed.<br>You must apply the changes in order for them to take effect.");
+
+ /* Display Alert message */
+
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ //if (file_exists($d_snortconfdirty_path)) {
+ if ($d_snortconfdirty_path_ls != '') {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed for one or more interfaces.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+
?>
-<?php endif; ?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
$tab_array = array();
- $tab_array[] = array("Snort Inertfaces", true, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Snort Interfaces", true, "/snort/snort_interfaces.php");
$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
@@ -299,7 +325,7 @@ padding: 15px 10px 50% 50px;
<div id="mainarea">
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
<tr id="frheader">
- <td width="4%" class="list">&nbsp;</td>
+ <td width="5%" class="list">&nbsp;</td>
<td width="1%" class="list">&nbsp;</td>
<td width="10%" class="listhdrr">If</td>
<td width="10%" class="listhdrr">Snort</td>
diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php
index 960da061..164f154a 100644
--- a/config/snort-dev/snort_interfaces_edit.php
+++ b/config/snort-dev/snort_interfaces_edit.php
@@ -32,6 +32,8 @@
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
$config['installedpackages']['snortglobal']['rule'] = array();
@@ -48,6 +50,7 @@ if (isset($_GET['dup'])) {
$after = $_GET['dup'];
}
+
/* always have a limit of (65535) numbers only or snort will not start do to id limits */
/* TODO: When inline gets added make the uuid the port number lisstening */
//function gen_snort_uuid($fileline)
@@ -149,10 +152,40 @@ if (isset($id) && $a_nat[$id]) {
if (isset($_GET['dup']))
unset($id);
+/* alert file */
+$d_snortconfdirty_path = "/var/run/snort_conf_{$snort_uuid}_{$if_real}.dirty";
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists("/var/run/snort_conf_{$snort_uuid}_.dirty")) {
+
+ write_config();
+
+ sync_snort_package_empty();
+ sync_snort_package();
+
+ unlink("/var/run/snort_conf_{$snort_uuid}_.dirty");
+
+ }
+
+ if (file_exists($d_snortconfdirty_path)) {
+
+ write_config();
+
+ sync_snort_package_all();
+ sync_snort_package();
+
+ unlink($d_snortconfdirty_path);
+
+ }
+
+ }
if ($_POST["Submit"]) {
-
+
+
// if ($config['installedpackages']['snortglobal']['rule']) {
if ($_POST['descr'] == '' && $pconfig['descr'] == '') {
$input_errors[] = "Please enter a description for your reference.";
@@ -264,12 +297,9 @@ if ($_POST["Submit"]) {
}
write_config();
-
- if ($pconfig['interface'] != "") {
- sync_snort_package_all();
- }
- //touch($d_natconfdirty_path);
+ touch("$d_snortconfdirty_path");
+
header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
@@ -281,20 +311,6 @@ if ($_POST["Submit"]) {
exit;
}
}
-
- if (isset($config['installedpackages']['snortglobal']['rule'][$id]['interface']))
- {
- $snort_up_ck2_info = Running_Ck($snort_uuid, $if_real, $id);
- if ($snort_up_ck2_info == 'no')
- {
- $snort_up_ck = '<input name="Submit2" type="submit" class="formbtn" value="Start" onClick="enable_change(true)">';
- }else{
- $snort_up_ck = '<input name="Submit3" type="submit" class="formbtn" value="Stop" onClick="enable_change(true)">';
- }
- }else{
- $snort_up_ck = '';
- }
-
if ($_POST["Submit2"]) {
@@ -327,34 +343,22 @@ if ($_POST["Submit"]) {
header("Location: /snort/snort_interfaces_edit.php?id=$id");
}
-
- if ($_POST["Reset"])
- {
- conf_mount_rw();
+ /* This code needs to be below headers */
+ if (isset($config['installedpackages']['snortglobal']['rule'][$id]['interface']))
+ {
+
+ $snort_up_ck2_info = Running_Ck($snort_uuid, $if_real, $id);
- Running_Stop($snort_uuid, $if_real, $id);
- sleep(2);
-
- /* remove all snort iface dir */
- exec('rm -r /usr/local/etc/snort/snort_*');
- exec('rm /var/log/snort/*');
-
- unset($config['installedpackages']['snortglobal']['rule'][$id]);
- write_config();
-
- header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
- header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
- header( 'Cache-Control: no-store, no-cache, must-revalidate' );
- header( 'Cache-Control: post-check=0, pre-check=0', false );
- header( 'Pragma: no-cache' );
- sleep(2);
- header("Location: /snort/snort_interfaces_edit.php?id=$id");
+ if ($snort_up_ck2_info == 'no') {
+ $snort_up_ck = '<input name="Submit2" type="submit" class="formbtn" value="Start" onClick="enable_change(true)">';
+ }else{
+ $snort_up_ck = '<input name="Submit3" type="submit" class="formbtn" value="Stop" onClick="enable_change(true)">';
+ }
- conf_mount_ro();
-
- }
-
+ }else{
+ $snort_up_ck = '';
+ }
$pgtitle = "Snort: Interface Edit: $id $snort_uuid $if_real";
@@ -407,9 +411,37 @@ echo "
</script>
<p class="pgtitle"><?php if($pfsense_stable == 'yes'){echo $pgtitle;}?></p>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
+
<form action="snort_interfaces_edit.php<?php echo "?id=$id";?>" method="post" enctype="multipart/form-data" name="iform" id="iform">
+
+<?php
+
+ /* Display Alert message */
+
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ //if (file_exists($d_snortconfdirty_path)) {
+ if (file_exists($d_snortconfdirty_path) || file_exists("/var/run/snort_conf_{$snort_uuid}_.dirty")) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabnavtbl">
<?php
@@ -444,16 +476,20 @@ if ($a_nat[$id]['interface'] != '') {
}
$tab_array = array();
+ if (!file_exists("/var/run/snort_conf_{$snort_uuid}_.dirty")) {
$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ }
$tab_array[] = array("If Settings", true, "/snort/snort_interfaces_edit.php?id={$id}");
/* hide user tabs when no settings have be saved */
if ($config['installedpackages']['snortglobal']['rule'][$id]['interface'] != '') {
+ if (!file_exists("/var/run/snort_conf_{$snort_uuid}_.dirty")) {
//$tab_array[] = array("upload", false, "/snort/snort_conf_upload.php?id={$id}");
$tab_array[] = array("Categories", false, "/snort/snort_rulesets.php?id={$id}");
$tab_array[] = array("Rules", false, "/snort/snort_rules.php?id={$id}");
$tab_array[] = array("Servers", false, "/snort/snort_define_servers.php?id={$id}");
$tab_array[] = array("Preprocessors", false, "/snort/snort_preprocessors.php?id={$id}");
$tab_array[] = array("Barnyard2", false, "/snort/snort_barnyard.php?id={$id}");
+ }
}
display_top_tabs($tab_array);
@@ -543,8 +579,7 @@ if ($a_nat[$id]['interface'] != '') {
Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.</td>
</tr>
<tr>
- <td width="22%" valign="top"><input name="Reset" type="submit" class="formbtn" value="Reset" onclick="return confirm('Do you really want to reset this Snort Interface?')" ><span class="red"><strong>&nbsp;WARNING:</strong><br>
- This will reset this interface.</span>&nbsp;</td>
+ <td width="22%" valign="top"></td>
<td width="78%">
<input name="Submit" type="submit" class="formbtn" value="Save"> <?php echo $snort_up_ck; ?> <input type="button" class="formbtn" value="Cancel" onclick="history.back()">
<?php if (isset($id) && $a_nat[$id]): ?>
diff --git a/config/snort-dev/snort_interfaces_global.php b/config/snort-dev/snort_interfaces_global.php
index e3d0daf5..ff3620a3 100644
--- a/config/snort-dev/snort_interfaces_global.php
+++ b/config/snort-dev/snort_interfaces_global.php
@@ -111,7 +111,11 @@ if ($_POST) {
$savemsg = get_std_save_message($retval);
}
- }
+
+ sync_snort_package_all();
+ sync_snort_package();
+
+}
if ($_POST["Reset"]) {
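Review bot: `sync_snort_package_all();` and `sync_snort_package();` now run on every POST to the global page, which is at odds with the per-interface pages in this commit that defer syncing until the user presses apply. From the visible context they run regardless of which button was pressed, and it is not visible whether they also run after a validation error. The snort.inc hunk context suggests `sync_snort_package_all()` acts only when `$id` and `$if_real` are set, and nothing here sets them on the global page, so the first call may be a no-op. A comment stating the intended scope, or a dirty flag as on the other pages, would make the behaviour explicit. The re-indented closing brace also hides that it ends the `if ($_POST)` block, which starts outside the hunk.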
diff --git a/config/snort-dev/snort_preprocessors.php b/config/snort-dev/snort_preprocessors.php
index 6e634891..c522a643 100644
--- a/config/snort-dev/snort_preprocessors.php
+++ b/config/snort-dev/snort_preprocessors.php
@@ -33,6 +33,7 @@
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
$config['installedpackages']['snortglobal']['rule'] = array();
@@ -120,7 +121,29 @@ if (isset($_GET['dup']))
/* convert fake interfaces to real */
$if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']);
-if ($_POST) {
+
+
+ /* alert file */
+$d_snortconfdirty_path = "/var/run/snort_conf_{$pconfig['uuid']}_{$if_real}.dirty";
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists($d_snortconfdirty_path)) {
+
+ write_config();
+
+ sync_snort_package_all();
+ sync_snort_package();
+
+ unlink($d_snortconfdirty_path);
+
+ }
+
+ }
+
+
+ if ($_POST["Submit"]) {
/* check for overlaps */
@@ -198,13 +221,16 @@ if ($_POST) {
$a_nat[] = $natent;
}
- /* enable this if you want the user to aprove changes */
- // touch($d_natconfdirty_path);
- sync_snort_package_all();
-
write_config();
/* after click go to this page */
+ touch($d_snortconfdirty_path);
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ sleep(2);
header("Location: snort_preprocessors.php?id=$id");
exit;
}
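Review bot: The return value of the added `touch($d_snortconfdirty_path);` is ignored, and this hunk also removes the direct `sync_snort_package_all()` call from the save path. If the touch fails, the settings are saved but never applied, and no banner prompts the user to apply them. Check the result, for example `if (!touch($d_snortconfdirty_path)) { log_error("snort: could not create {$d_snortconfdirty_path}"); }`; the `touch()` added to the snort_rulesets.php save path has the same gap. The added `sleep(2);` holds a PHP worker for two seconds on every save and deserves a comment stating what it waits for, or removal. The enclosing block starts outside the hunk.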
@@ -235,9 +261,35 @@ padding: 15px 10px 85% 50px;
<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
<form action="snort_preprocessors.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
+
+<?php
+
+ /* Display Alert message */
+
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ if (file_exists($d_snortconfdirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabnavtbl">
<?php
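Review bot: When `$savemsg` is set and the dirty marker exists, the message is rendered twice, once by `print_info_box2($savemsg)` and again by `print_info_box_np2("{$savemsg}")` inside the `file_exists()` branch. Restricting the first call to `if ($savemsg && !file_exists($d_snortconfdirty_path))` leaves one box per request. The `echo '<p>';` in the same branch is never closed, so either drop it or emit the matching `</p>` after the box. The identical block added to snort_rulesets.php has both issues.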
diff --git a/config/snort-dev/snort_rulesets.php b/config/snort-dev/snort_rulesets.php
index 53c5d379..ece409e1 100644
--- a/config/snort-dev/snort_rulesets.php
+++ b/config/snort-dev/snort_rulesets.php
@@ -29,9 +29,10 @@
*/
require("guiconfig.inc");
-require_once("filter.inc");
-require_once("service-utils.inc");
+//require_once("filter.inc");
+//require_once("service-utils.inc");
include_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
@@ -122,7 +123,26 @@ exit(0);
}
-if($_POST) {
+ /* alert file */
+$d_snortconfdirty_path = "/var/run/snort_conf_{$iface_uuid}_{$if_real}.dirty";
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists($d_snortconfdirty_path)) {
+
+ write_config();
+
+ sync_snort_package_all();
+ sync_snort_package();
+
+ unlink($d_snortconfdirty_path);
+
+ }
+
+ }
+
+ if ($_POST["Submit"]) {
$enabled_items = "";
$isfirst = true;
if (is_array($_POST['toenable'])) {
@@ -136,7 +156,11 @@ if($_POST) {
$enabled_items = $_POST['toenable'];
}
$a_nat[$id]['rulesets'] = $enabled_items;
+
write_config();
+
+ touch($d_snortconfdirty_path);
+
header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
@@ -145,7 +169,7 @@ if($_POST) {
sleep(2);
sync_snort_package_all();
header("Location: /snort/snort_rulesets.php?id=$id");
- $savemsg = "The snort ruleset selections have been saved.";
+
}
$enabled_rulesets = $a_nat[$id]['rulesets'];
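Review bot: After `header("Location: /snort/snort_rulesets.php?id=$id");` there is still no `exit;`, so the script goes on to build and send the whole page after the redirect header. The hunk removes the `$savemsg` assignment at that spot but leaves the fall-through, so add `exit;` directly after the header call, as the save path in snort_preprocessors.php does. The context also keeps `sync_snort_package_all();` in this save path while the previous hunk now touches the dirty marker, so the page syncs immediately and still asks the user to apply; one of the two looks redundant. The enclosing `if ($_POST["Submit"])` block opens outside this hunk.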
@@ -165,7 +189,33 @@ echo "<form action=\"snort_rulesets.php?id={$id}\" method=\"post\" name=\"iform\
?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php
+
+ /* Display message */
+
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ if (file_exists($d_snortconfdirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+
+?>
+
<table width="99%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
@@ -231,7 +281,7 @@ echo "<form action=\"snort_rulesets.php?id={$id}\" method=\"post\" name=\"iform\
<tr><td>&nbsp;</td></tr>
<tr><td>Check the rulesets that you would like Snort to load at startup.</td></tr>
<tr><td>&nbsp;</td></tr>
- <tr><td><input value="Save" type="submit" name="save" id="save" /></td></tr>
+ <tr><td><input value="Save" type="submit" name="Submit" id="Submit" /></td></tr>
</table>
</div>
</td>