diff options
author | Ermal <eri@pfsense.org> | 2012-07-16 08:43:35 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-07-16 08:43:35 +0000 |
commit | a42356458f46215de8718088c2f9143294532bca (patch) | |
tree | bfa23cabeff8db13f8e2788f9f6fc8d490f87fb5 | |
parent | 39e483f9ac54ffd15db993d9bea675879e8f5f8b (diff) | |
download | pfsense-packages-a42356458f46215de8718088c2f9143294532bca.tar.gz pfsense-packages-a42356458f46215de8718088c2f9143294532bca.tar.bz2 pfsense-packages-a42356458f46215de8718088c2f9143294532bca.zip |
Force use of aliases from pfSense for replacing snort var settings. Also make snort var settings generic and overridable in all of its definitions
-rw-r--r-- | config/snort/snort.inc | 55 | ||||
-rw-r--r-- | config/snort/snort_alerts.php | 70 | ||||
-rw-r--r-- | config/snort/snort_blocked.php | 10 | ||||
-rw-r--r-- | config/snort/snort_define_servers.php | 542 | ||||
-rw-r--r-- | config/snort/snort_interfaces_whitelist_edit.php | 156 |
5 files changed, 251 insertions, 582 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 26542341..27598f3d 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -49,6 +49,24 @@ define("SNORTLOGDIR", "/var/log/snort"); if (!is_array($config['installedpackages']['snortglobal'])) $config['installedpackages']['snortglobal'] = array(); +function snort_get_blocked_ips() { + $blocked_ips = ""; + exec('/sbin/pfctl -t snort2c -T show', $blocked_ips); + $blocked_ips_array = array(); + if (!empty($blocked_ips)) { + $blocked_ips_array = array(); + if (is_array($blocked_ips)) { + foreach ($blocked_ips as $blocked_ip) { + if (empty($blocked_ip)) + continue; + $blocked_ips_array[] = trim($blocked_ip, " \n\t"); + } + } + } + + return $blocked_ips_array; +} + function snort_get_rule_part($source, $beginning, $ending, $start_pos) { $beginning_pos = strpos($source, $beginning, $start_pos); @@ -114,8 +132,8 @@ function snort_build_list($snortcfg, $listname = "") { $wandns = $whitelist['wandnsips']; $vips = $whitelist['vips']; $vpns = $whitelist['vpnips']; - if (!empty($whitelist['address'])) { - $home_net .= trim($whitelist['address']); + if (!empty($whitelist['address']) && is_alias($whitelist['address'])) { + $home_net .= trim(filter_expand_alias($whitelist['address'])); $home_net .= " "; } } @@ -1044,7 +1062,7 @@ function snort_generate_conf($snortcfg) { $ssh_port = $config['system']['ssh']['port']; else $ssh_port = "22"; - $ports = array( + $snort_ports = array( "dns_ports" => "53", "smtp_ports" => "25", "mail_ports" => "25,143,465,691", "http_ports" => "80", "oracle_ports" => "1521", "mssql_ports" => "1433", "telnet_ports" => "23","snmp_ports" => "161", "ftp_ports" => "21", @@ -1075,7 +1093,7 @@ EOD; if (!empty($snortcfg['flow_depth'])) $def_flow_depth_type = $snortcfg['flow_depth']; - $http_ports = str_replace(",", " ", $ports['http_ports']); + $http_ports = str_replace(",", " ", $snort_ports['http_ports']); /* def http_inspect */ $http_inspect = <<<EOD # HTTP Inspect # @@ -1153,7 +1171,7 @@ preprocessor ftp_telnet_protocol: ftp client default \ EOD; - $smtp_ports = str_replace(",", " ", $ports['mail_ports']); + $smtp_ports = str_replace(",", " ", $snort_ports['mail_ports']); /* def smtp_preprocessor */ $smtp_preprocessor = <<<EOD # SMTP preprocessor # @@ -1189,7 +1207,7 @@ preprocessor sfportscan: scan_type { all } \ EOD; - $sun_rpc_ports = str_replace(",", " ", $ports['sun_rpc_ports']); + $sun_rpc_ports = str_replace(",", " ", $snort_ports['sun_rpc_ports']); /* def other_preprocs */ $other_preprocs = <<<EOD # Other preprocs # @@ -1205,13 +1223,13 @@ EOD; # DCE/RPC 2 # preprocessor dcerpc2: memcap 102400, events [smb, co, cl] preprocessor dcerpc2_server: default, policy WinXP, \ - detect [smb [{$ports['smb_ports']}], tcp 135, udp 135, rpc-over-http-server 593], \ + detect [smb [{$snort_ports['smb_ports']}], tcp 135, udp 135, rpc-over-http-server 593], \ autodetect [tcp 1025:, udp 1025:, rpc-over-http-server 1025:], \ smb_max_chain 3 EOD; - $dns_ports = str_replace(",", " ", $ports['dns_ports']); + $dns_ports = str_replace(",", " ", $snort_ports['dns_ports']); /* def dns_preprocessor */ $dns_preprocessor = <<<EOD # DNS preprocessor # @@ -1233,7 +1251,7 @@ EOD; $def_max_queued_segs_type = ", max_queued_segs {$snortcfg['max_queued_segs']}"; /* define servers and ports snortdefservers */ - $servers = array ( + $snort_servers = array ( "dns_servers" => "\$HOME_NET", "smtp_servers" => "\$HOME_NET", "http_servers" => "\$HOME_NET", "www_servers" => "\$HOME_NET", "sql_servers" => "\$HOME_NET", "telnet_servers" => "\$HOME_NET", "snmp_servers" => "\$HOME_NET", "ftp_servers" => "\$HOME_NET", "ssh_servers" => "\$HOME_NET", @@ -1243,19 +1261,22 @@ EOD; ); $vardef = ""; - foreach ($servers as $alias => $avalue) { - if (!empty($snortcfg[$alias])) - $avalue = $snortcfg[$alias]; + foreach ($snort_servers as $alias => $avalue) { + if (!empty($snortcfg["def_{$alias}"]) && is_alias($snortcfg["def_{$alias}"])) { + $avalue = filter_expand_alias($snortcfg["def_{$alias}"]); + $avalue = str_replace(" ", ",", trim($avalue)); + } $vardef .= "var " . strtoupper($alias) . " [{$avalue}]\n"; } $portvardef = ""; - foreach ($ports as $alias => $avalue) { - if (!empty($snortcfg["def_{$alias}"])) - $ports[$alias] = $snortcfg["def_{$alias}"]; - $portvardef .= "portvar " . strtoupper($alias) . " [" . $ports[$alias] . "]\n"; + foreach ($snort_ports as $alias => $avalue) { + if (!empty($snortcfg["def_{$alias}"]) && is_alias($snortcfg["def_{$alias}"])) + $snort_ports[$alias] = filter_expand_alias($snortcfg["def_{$alias}"]); + $snort_ports[$alias] = str_replace(" ", ",", trim($snort_ports[$alias])); + $portvardef .= "portvar " . strtoupper($alias) . " [" . $snort_ports[$alias] . "]\n"; } - $def_ssl_ports_ignore = str_replace(",", " ", $ports['ssl_ports']); + $def_ssl_ports_ignore = str_replace(",", " ", $snort_ports['ssl_ports']); $snort_preproc = array ( "perform_stat", "http_inspect", "other_preprocs", "ftp_preprocessor", "smtp_preprocessor", diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index ea5c6cb5..939381c5 100644 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php @@ -74,6 +74,16 @@ if ($_POST['save']) { exit; } +if ($_POST['todelete'] || $_GET['todelete']) { + $ip = ""; + if($_POST['todelete']) + $ip = $_POST['todelete']; + else if($_GET['todelete']) + $ip = $_GET['todelete']; + if (is_ipaddr($ip)) + exec("/sbin/pfctl -t snort2c -T delete {$ip}"); +} + if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) { $suppress = "suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}\n"; if (!is_array($config['installedpackages']['snortglobal']['suppress'])) @@ -165,6 +175,7 @@ if ($pconfig['arefresh'] == 'on') print_input_errors($input_errors); // TODO: add checks } ?> +<form action="/snort/snort_alerts.php" method="post" id="formalert"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -181,12 +192,9 @@ if ($pconfig['arefresh'] == 'on') </td></tr> <tr> <td> - <div id="mainarea"> - <form action="/snort/snort_alerts.php" method="post" id="formalert"> - <input type="hidden" name="instance" value="<?=$instanceid;?>"> <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> - <td width="22%" colspan="0" class="listtopic">Last <?=$anentries;?> Alert Entries.</td> + <td width="22%" class="listtopic">Last <?=$anentries;?> Alert Entries.</td> <td width="78%" class="listtopic">Latest Alert Entries Are Listed First.</td> </tr> <tr> @@ -224,34 +232,11 @@ if ($pconfig['arefresh'] == 'on') Enter the number of log entries to view. <strong>Default</strong> is <strong>250</strong>. </td> </tr> - </table> - </form> - </td> - </tr> + <tr> + <td colspan="2" ><br/><br/></td> + </tr> <tr> - <td width="100%" colspan="2"> - <div class="tableFilter"> - <form id="tableFilter" onsubmit="myTable.filter(this.id); return false;"> - <br/> - Filter: <select id="column"> - <option value="1">PRIORITY</option> - <option value="2">PROTO</option> - <option value="3">DESCRIPTION</option> - <option value="4">CLASS</option> - <option value="5">SRC</option> - <option value="6">SRC PORT</option> - <option value="8">DST</option> - <option value="9">DST PORT</option> - <option value="10">SID</option> - <option value="11">Date</option> - </select> - <input type="text" id="keyword" /> <input type="submit" - value="Submit" /> <input type="reset" value="Clear" /></form> - <br/> - </td> -</tr> -<tr> - <td colspan="2"> + <td width="100%" colspan="2" class='vtable'> <table id="myTable" width="100%" class="sortable" border="1" cellpadding="0" cellspacing="0"> <thead> <th class='listhdr' width='10%' axis="date">Date</th> @@ -259,7 +244,7 @@ if ($pconfig['arefresh'] == 'on') <th class='listhdrr' width='3%' axis="string">PROTO</th> <th class='listhdrr' width='7%' axis="string">CLASS</th> <th class='listhdrr' width='15%' axis="string">SRC</th> - <th class='listhdrr' width='5%' axis="string">SRCPORt</th> + <th class='listhdrr' width='5%' axis="string">SRCPORT</th> <th class='listhdrr' width='15%' axis="string">DST</th> <th class='listhdrr' width='5%' axis="string">DSTPORT</th> <th class='listhdrr' width='5%' axis="string">SID</th> @@ -272,6 +257,7 @@ if ($pconfig['arefresh'] == 'on') if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { exec("tail -{$anentries} /var/log/snort/snort_{$if_real}{$snort_uuid}/alert | sort -r > /tmp/alert_{$snort_uuid}"); if (file_exists("/tmp/alert_{$snort_uuid}")) { + $tmpblocked = array_flip(snort_get_blocked_ips()); $counter = 0; /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */ /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */ @@ -291,17 +277,25 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { $alert_proto = $fields[5]; /* IP SRC */ $alert_ip_src = $fields[6]; + if (isset($tmpblocked[$fields[6]])) { + $alert_ip_src .= "<a href='?instance={$id}&todelete=" . trim(urlencode($fields[6])) . "'> + <img title=\"Remove from blocked ips\" border=\"0\" width='10' height='10' name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a>"; + } /* IP SRC Port */ $alert_src_p = $fields[7]; /* IP Destination */ $alert_ip_dst = $fields[8]; + if (isset($tmpblocked[$fields[8]])) { + $alert_ip_dst .= "<a href='?instance={$id}&todelete=" . trim(urlencode($fields[8])) . "'> + <img title=\"Remove from blocked ips\" border=\"0\" width='10' height='10' name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a>"; + } /* IP DST Port */ $alert_dst_p = $fields[9]; /* SID */ $alert_sid_str = "{$fields[1]}:{$fields[2]}:{$fields[3]}"; $alert_class = $fields[11]; - echo "<tr id=\"{$counter}\"> + echo "<tr> <td class='listr' width='10%'>{$alert_date}</td> <td class='listr' width='5%' >{$alert_priority}</td> <td class='listr' width='3%'>{$alert_proto}</td> @@ -330,14 +324,10 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { </table> </td> </tr> - </form> - </div> </table> -</div> -</td></tr></table> -<script type="text/javascript"> -sortable.reverse("myTable"); -</script> +</td></tr> +</table> +</form> <?php include("fend.inc"); ?> diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php index 70838ed8..b88b85e9 100644 --- a/config/snort/snort_blocked.php +++ b/config/snort/snort_blocked.php @@ -203,10 +203,6 @@ if ($pconfig['brefresh'] == 'on') </tr> <?php /* set the arrays */ - $blocked_ips = ""; - exec('/sbin/pfctl -t snort2c -T show', $blocked_ips); - $blocked_ips_array = array(); - if (!empty($blocked_ips)) { $blocked_ips_array = array(); if (is_array($blocked_ips)) { foreach ($blocked_ips as $blocked_ip) { @@ -215,6 +211,8 @@ if ($pconfig['brefresh'] == 'on') $blocked_ips_array[] = trim($blocked_ip, " \n\t"); } } + $blocked_ips_array = snort_get_blocked_ips(); + if (!empty($blocked_ips_array)) { $tmpblocked = array_flip($blocked_ips_array); $src_ip_list = array(); foreach (glob("/var/log/snort/*/alert") as $alertfile) { @@ -230,12 +228,12 @@ if ($pconfig['brefresh'] == 'on') if (isset($tmpblocked[$fields[6]])) { if (!is_array($src_ip_list[$fields[6]])) $src_ip_list[$fields[6]] = array(); - $src_ip_list[$fields[6]][] = "{$fields[4]} - " . substr($fields[0], 0, -8); + $src_ip_list[$fields[6]][$fields[4]] = "{$fields[4]} - " . substr($fields[0], 0, -8); } if (isset($tmpblocked[$fields[8]])) { if (!is_array($src_ip_list[$fields[8]])) $src_ip_list[$fields[8]] = array(); - $src_ip_list[$fields[8]][] = "{$fields[4]} - " . substr($fields[0], 0, -8); + $src_ip_list[$fields[8]][$fields[4]] = "{$fields[4]} - " . substr($fields[0], 0, -8); } } fclose($fd); diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index f69209e5..3cf70bc9 100644 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -48,47 +48,41 @@ if (!is_array($config['installedpackages']['snortglobal']['rule'])) { } $a_nat = &$config['installedpackages']['snortglobal']['rule']; -$pconfig = array(); -if (isset($id) && $a_nat[$id]) { - $pconfig = $a_nat[$id]; +/* NOTE: KEEP IN SYNC WITH SNORT.INC since global do not work quite well with package */ +/* define servers and ports snortdefservers */ +$snort_servers = array ( +"dns_servers" => "\$HOME_NET", "smtp_servers" => "\$HOME_NET", "http_servers" => "\$HOME_NET", +"www_servers" => "\$HOME_NET", "sql_servers" => "\$HOME_NET", "telnet_servers" => "\$HOME_NET", +"snmp_servers" => "\$HOME_NET", "ftp_servers" => "\$HOME_NET", "ssh_servers" => "\$HOME_NET", +"pop_servers" => "\$HOME_NET", "imap_servers" => "\$HOME_NET", "sip_proxy_ip" => "\$HOME_NET", +"sip_servers" => "\$HOME_NET", "rpc_servers" => "\$HOME_NET", +"aim_servers" => "64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24" +); - /* old options */ - $pconfig['def_dns_servers'] = $a_nat[$id]['def_dns_servers']; - $pconfig['def_dns_ports'] = $a_nat[$id]['def_dns_ports']; - $pconfig['def_smtp_servers'] = $a_nat[$id]['def_smtp_servers']; - $pconfig['def_smtp_ports'] = $a_nat[$id]['def_smtp_ports']; - $pconfig['def_mail_ports'] = $a_nat[$id]['def_mail_ports']; - $pconfig['def_http_servers'] = $a_nat[$id]['def_http_servers']; - $pconfig['def_www_servers'] = $a_nat[$id]['def_www_servers']; - $pconfig['def_http_ports'] = $a_nat[$id]['def_http_ports']; - $pconfig['def_sql_servers'] = $a_nat[$id]['def_sql_servers']; - $pconfig['def_oracle_ports'] = $a_nat[$id]['def_oracle_ports']; - $pconfig['def_mssql_ports'] = $a_nat[$id]['def_mssql_ports']; - $pconfig['def_telnet_servers'] = $a_nat[$id]['def_telnet_servers']; - $pconfig['def_telnet_ports'] = $a_nat[$id]['def_telnet_ports']; - $pconfig['def_snmp_servers'] = $a_nat[$id]['def_snmp_servers']; - $pconfig['def_snmp_ports'] = $a_nat[$id]['def_snmp_ports']; - $pconfig['def_ftp_servers'] = $a_nat[$id]['def_ftp_servers']; - $pconfig['def_ftp_ports'] = $a_nat[$id]['def_ftp_ports']; - $pconfig['def_ssh_servers'] = $a_nat[$id]['def_ssh_servers']; - $pconfig['def_ssh_ports'] = $a_nat[$id]['def_ssh_ports']; - $pconfig['def_pop_servers'] = $a_nat[$id]['def_pop_servers']; - $pconfig['def_pop2_ports'] = $a_nat[$id]['def_pop2_ports']; - $pconfig['def_pop3_ports'] = $a_nat[$id]['def_pop3_ports']; - $pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers']; - $pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports']; - $pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip']; - $pconfig['def_sip_servers'] = $a_nat[$id]['def_sip_servers']; - $pconfig['def_sip_ports'] = $a_nat[$id]['def_sip_ports']; - $pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports']; - $pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports']; - $pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports']; - $pconfig['def_irc_ports'] = $a_nat[$id]['def_irc_ports']; - $pconfig['def_nntp_ports'] = $a_nat[$id]['def_nntp_ports']; - $pconfig['def_rlogin_ports'] = $a_nat[$id]['def_rlogin_ports']; - $pconfig['def_rsh_ports'] = $a_nat[$id]['def_rsh_ports']; - $pconfig['def_ssl_ports'] = $a_nat[$id]['def_ssl_ports']; -} +/* if user has defined a custom ssh port, use it */ +if(is_array($config['system']['ssh']) && isset($config['system']['ssh']['port'])) + $ssh_port = $config['system']['ssh']['port']; +else + $ssh_port = "22"; +$snort_ports = array( +"dns_ports" => "53", "smtp_ports" => "25", "mail_ports" => "25,143,465,691", +"http_ports" => "80", "oracle_ports" => "1521", "mssql_ports" => "1433", +"telnet_ports" => "23","snmp_ports" => "161", "ftp_ports" => "21", +"ssh_ports" => $ssh_port, "pop2_ports" => "109", "pop3_ports" => "110", +"imap_ports" => "143", "sip_proxy_ports" => "5060:5090,16384:32768", +"sip_ports" => "5060:5090,16384:32768", "auth_ports" => "113", "finger_ports" => "79", +"irc_ports" => "6665,6666,6667,6668,6669,7000", "smb_ports" => "139,445", +"nntp_ports" => "119", "rlogin_ports" => "513", "rsh_ports" => "514", +"ssl_ports" => "443,465,563,636,989,990,992,993,994,995", +"file_data_ports" => "\$HTTP_PORTS,110,143", "shellcode_ports" => "!80", +"sun_rpc_ports" => "111,32770,32771,32772,32773,32774,32775,32776,32777,32778,32779", +"DCERPC_NCACN_IP_TCP" => "139,445", "DCERPC_NCADG_IP_UDP" => "138,1024:", +"DCERPC_NCACN_IP_LONG" => "135,139,445,593,1024:", "DCERPC_NCACN_UDP_LONG" => "135,1024:", +"DCERPC_NCACN_UDP_SHORT" => "135,593,1024:", "DCERPC_NCACN_TCP" => "2103,2105,2107", +"DCERPC_BRIGHTSTORE" => "6503,6504" +); + +$pconfig = $a_nat[$id]; /* convert fake interfaces to real */ $if_real = snort_get_real_interface($pconfig['interface']); @@ -105,51 +99,20 @@ if ($_POST) { /* if no errors write to conf */ if (!$input_errors) { /* post new options */ - if ($_POST['def_dns_servers'] != "") { $natent['def_dns_servers'] = $_POST['def_dns_servers']; }else{ $natent['def_dns_servers'] = ""; } - if ($_POST['def_dns_ports'] != "") { $natent['def_dns_ports'] = $_POST['def_dns_ports']; }else{ $natent['def_dns_ports'] = ""; } - if ($_POST['def_smtp_servers'] != "") { $natent['def_smtp_servers'] = $_POST['def_smtp_servers']; }else{ $natent['def_smtp_servers'] = ""; } - if ($_POST['def_smtp_ports'] != "") { $natent['def_smtp_ports'] = $_POST['def_smtp_ports']; }else{ $natent['def_smtp_ports'] = ""; } - if ($_POST['def_mail_ports'] != "") { $natent['def_mail_ports'] = $_POST['def_mail_ports']; }else{ $natent['def_mail_ports'] = ""; } - if ($_POST['def_http_servers'] != "") { $natent['def_http_servers'] = $_POST['def_http_servers']; }else{ $natent['def_http_servers'] = ""; } - if ($_POST['def_www_servers'] != "") { $natent['def_www_servers'] = $_POST['def_www_servers']; }else{ $natent['def_www_servers'] = ""; } - if ($_POST['def_http_ports'] != "") { $natent['def_http_ports'] = $_POST['def_http_ports']; }else{ $natent['def_http_ports'] = ""; } - if ($_POST['def_sql_servers'] != "") { $natent['def_sql_servers'] = $_POST['def_sql_servers']; }else{ $natent['def_sql_servers'] = ""; } - if ($_POST['def_oracle_ports'] != "") { $natent['def_oracle_ports'] = $_POST['def_oracle_ports']; }else{ $natent['def_oracle_ports'] = ""; } - if ($_POST['def_mssql_ports'] != "") { $natent['def_mssql_ports'] = $_POST['def_mssql_ports']; }else{ $natent['def_mssql_ports'] = ""; } - if ($_POST['def_telnet_servers'] != "") { $natent['def_telnet_servers'] = $_POST['def_telnet_servers']; }else{ $natent['def_telnet_servers'] = ""; } - if ($_POST['def_telnet_ports'] != "") { $natent['def_telnet_ports'] = $_POST['def_telnet_ports']; }else{ $natent['def_telnet_ports'] = ""; } - if ($_POST['def_snmp_servers'] != "") { $natent['def_snmp_servers'] = $_POST['def_snmp_servers']; }else{ $natent['def_snmp_servers'] = ""; } - if ($_POST['def_snmp_ports'] != "") { $natent['def_snmp_ports'] = $_POST['def_snmp_ports']; }else{ $natent['def_snmp_ports'] = ""; } - if ($_POST['def_ftp_servers'] != "") { $natent['def_ftp_servers'] = $_POST['def_ftp_servers']; }else{ $natent['def_ftp_servers'] = ""; } - if ($_POST['def_ftp_ports'] != "") { $natent['def_ftp_ports'] = $_POST['def_ftp_ports']; }else{ $natent['def_ftp_ports'] = ""; } - if ($_POST['def_ssh_servers'] != "") { $natent['def_ssh_servers'] = $_POST['def_ssh_servers']; }else{ $natent['def_ssh_servers'] = ""; } - if ($_POST['def_ssh_ports'] != "") { $natent['def_ssh_ports'] = $_POST['def_ssh_ports']; }else{ $natent['def_ssh_ports'] = ""; } - if ($_POST['def_pop_servers'] != "") { $natent['def_pop_servers'] = $_POST['def_pop_servers']; }else{ $natent['def_pop_servers'] = ""; } - if ($_POST['def_pop2_ports'] != "") { $natent['def_pop2_ports'] = $_POST['def_pop2_ports']; }else{ $natent['def_pop2_ports'] = ""; } - if ($_POST['def_pop3_ports'] != "") { $natent['def_pop3_ports'] = $_POST['def_pop3_ports']; }else{ $natent['def_pop3_ports'] = ""; } - if ($_POST['def_imap_servers'] != "") { $natent['def_imap_servers'] = $_POST['def_imap_servers']; }else{ $natent['def_imap_servers'] = ""; } - if ($_POST['def_imap_ports'] != "") { $natent['def_imap_ports'] = $_POST['def_imap_ports']; }else{ $natent['def_imap_ports'] = ""; } - if ($_POST['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $_POST['def_sip_proxy_ip']; }else{ $natent['def_sip_proxy_ip'] = ""; } - if ($_POST['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $_POST['def_sip_proxy_ports']; }else{ $natent['def_sip_proxy_ports'] = ""; } - if ($_POST['def_sip_servers'] != "") { $natent['def_sip_servers'] = $_POST['def_sip_servers']; }else{ $natent['def_sip_servers'] = ""; } - if ($_POST['def_sip_ports'] != "") { $natent['def_sip_ports'] = $_POST['def_sip_ports']; }else{ $natent['def_sip_ports'] = ""; } - if ($_POST['def_auth_ports'] != "") { $natent['def_auth_ports'] = $_POST['def_auth_ports']; }else{ $natent['def_auth_ports'] = ""; } - if ($_POST['def_finger_ports'] != "") { $natent['def_finger_ports'] = $_POST['def_finger_ports']; }else{ $natent['def_finger_ports'] = ""; } - if ($_POST['def_irc_ports'] != "") { $natent['def_irc_ports'] = $_POST['def_irc_ports']; }else{ $natent['def_irc_ports'] = ""; } - if ($_POST['def_nntp_ports'] != "") { $natent['def_nntp_ports'] = $_POST['def_nntp_ports']; }else{ $natent['def_nntp_ports'] = ""; } - if ($_POST['def_rlogin_ports'] != "") { $natent['def_rlogin_ports'] = $_POST['def_rlogin_ports']; }else{ $natent['def_rlogin_ports'] = ""; } - if ($_POST['def_rsh_ports'] != "") { $natent['def_rsh_ports'] = $_POST['def_rsh_ports']; }else{ $natent['def_rsh_ports'] = ""; } - if ($_POST['def_ssl_ports'] != "") { $natent['def_ssl_ports'] = $_POST['def_ssl_ports']; }else{ $natent['def_ssl_ports'] = ""; } - - - if (isset($id) && $a_nat[$id]) - $a_nat[$id] = $natent; - else { - if (is_numeric($after)) - array_splice($a_nat, $after+1, 0, array($natent)); + foreach ($snort_servers as $key => $server) { + if ($_POST["def_{$key}"]) + $natent["def_{$key}"] = $_POST["def_{$key}"]; else - $a_nat[] = $natent; + unset($natent["def_{$key}"]); } + foreach ($snort_ports as $key => $server) { + if ($_POST["def_{$key}"]) + $natent["def_{$key}"] = $_POST["def_{$key}"]; + else + unset($natent["def_{$key}"]); + } + + $a_nat[$id] = $natent; write_config(); @@ -171,30 +134,23 @@ $pgtitle = "Snort: Interface {$if_friendly} Define Servers"; include_once("head.inc"); ?> -<body - link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} +/* Display Alert message */ +if ($input_errors) + print_input_errors($input_errors); // TODO: add checks +if ($savemsg) + print_info_box($savemsg); ?> - -<?php - /* Display Alert message */ - - if ($input_errors) { - print_input_errors($input_errors); // TODO: add checks - } - - if ($savemsg) { - print_info_box($savemsg); - } - - ?> - -<form action="snort_define_servers.php" method="post" - enctype="multipart/form-data" name="iform" id="iform"> +<script type="text/javascript" src="/javascript/autosuggest.js"> +</script> +<script type="text/javascript" src="/javascript/suggestions.js"> +</script> +<form action="snort_define_servers.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -212,313 +168,99 @@ if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} <tr> <td class="tabcont"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic">Define Servers</td> + </tr> +<?php + foreach ($snort_servers as $key => $server): + if (strlen($server) > 40) + $server = substr($server, 0, 40) . "..."; + $label = strtoupper($key); + $value = ""; + if (!empty($pconfig["def_{$key}"])) + $value = htmlspecialchars($pconfig["def_{$key}"]); +?> <tr> - <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong>Note:</strong></span><br> - Please save your settings before you click start.<br> - Please make sure there are <strong>no spaces</strong> in your - definitions. </td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Define Servers</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define DNS_SERVERS</td> - <td width="78%" class="vtable"><input name="def_dns_servers" - type="text" class="formfld" id="def_dns_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_dns_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define DNS_PORTS</td> - <td width="78%" class="vtable"><input name="def_dns_ports" - type="text" class="formfld" id="def_dns_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_dns_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 53.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SMTP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_smtp_servers" - type="text" class="formfld" id="def_smtp_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_smtp_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SMTP_PORTS</td> - <td width="78%" class="vtable"><input name="def_smtp_ports" - type="text" class="formfld" id="def_smtp_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_smtp_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 25.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define Mail_Ports</td> - <td width="78%" class="vtable"><input name="def_mail_ports" - type="text" class="formfld" id="def_mail_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_mail_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 25,143,465,691.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define HTTP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_http_servers" - type="text" class="formfld" id="def_http_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_http_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define WWW_SERVERS</td> - <td width="78%" class="vtable"><input name="def_www_servers" - type="text" class="formfld" id="def_www_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_www_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define HTTP_PORTS</td> - <td width="78%" class="vtable"><input name="def_http_ports" - type="text" class="formfld" id="def_http_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_http_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 80.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SQL_SERVERS</td> - <td width="78%" class="vtable"><input name="def_sql_servers" - type="text" class="formfld" id="def_sql_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_sql_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define ORACLE_PORTS</td> - <td width="78%" class="vtable"><input name="def_oracle_ports" - type="text" class="formfld" id="def_oracle_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_oracle_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 1521.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define MSSQL_PORTS</td> - <td width="78%" class="vtable"><input name="def_mssql_ports" - type="text" class="formfld" id="def_mssql_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_mssql_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 1433.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define TELNET_SERVERS</td> - <td width="78%" class="vtable"><input name="def_telnet_servers" - type="text" class="formfld" id="def_telnet_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_telnet_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define TELNET_PORTS</td> - <td width="78%" class="vtable"><input name="def_telnet_ports" - type="text" class="formfld" id="def_telnet_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_telnet_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 23.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SNMP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_snmp_servers" - type="text" class="formfld" id="def_snmp_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_snmp_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SNMP_PORTS</td> - <td width="78%" class="vtable"><input name="def_snmp_ports" - type="text" class="formfld" id="def_snmp_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_snmp_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 161.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define FTP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_ftp_servers" - type="text" class="formfld" id="def_ftp_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_ftp_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define FTP_PORTS</td> - <td width="78%" class="vtable"><input name="def_ftp_ports" - type="text" class="formfld" id="def_ftp_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_ftp_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 21.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SSH_SERVERS</td> - <td width="78%" class="vtable"><input name="def_ssh_servers" - type="text" class="formfld" id="def_ssh_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_ssh_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SSH_PORTS</td> - <td width="78%" class="vtable"><input name="def_ssh_ports" - type="text" class="formfld" id="def_ssh_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_ssh_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is the firewall's SSH port.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define POP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_pop_servers" - type="text" class="formfld" id="def_pop_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_pop_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define POP2_PORTS</td> - <td width="78%" class="vtable"><input name="def_pop2_ports" - type="text" class="formfld" id="def_pop2_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_pop2_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 109.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define POP3_PORTS</td> - <td width="78%" class="vtable"><input name="def_pop3_ports" - type="text" class="formfld" id="def_pop3_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_pop3_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 110.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define IMAP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_imap_servers" - type="text" class="formfld" id="def_imap_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_imap_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define IMAP_PORTS</td> - <td width="78%" class="vtable"><input name="def_imap_ports" - type="text" class="formfld" id="def_imap_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_imap_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 143.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SIP_PROXY_IP</td> - <td width="78%" class="vtable"><input name="def_sip_proxy_ip" - type="text" class="formfld" id="def_sip_proxy_ip" size="40" - value="<?=htmlspecialchars($pconfig['def_sip_proxy_ip']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SIP_PROXY_PORTS</td> - <td width="78%" class="vtable"><input name="def_sip_proxy_ports" - type="text" class="formfld" id="def_sip_proxy_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_sip_proxy_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 5060:5090,16384:32768.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SIP_SERVERS</td> - <td width="78%" class="vtable"><input name="def_sip_servers" - type="text" class="formfld" id="def_sip_servers" size="40" - value="<?=htmlspecialchars($pconfig['def_sip_servers']);?>"> <br> - <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave - blank to scan all networks.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SIP_PORTS</td> - <td width="78%" class="vtable"><input name="def_sip_ports" - type="text" class="formfld" id="def_sip_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_sip_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 5060:5090,16384:32768.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define AUTH_PORTS</td> - <td width="78%" class="vtable"><input name="def_auth_ports" - type="text" class="formfld" id="def_auth_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_auth_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 113.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define FINGER_PORTS</td> - <td width="78%" class="vtable"><input name="def_finger_ports" - type="text" class="formfld" id="def_finger_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_finger_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 79.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define IRC_PORTS</td> - <td width="78%" class="vtable"><input name="def_irc_ports" - type="text" class="formfld" id="def_irc_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_irc_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 6665,6666,6667,6668,6669,7000.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define NNTP_PORTS</td> - <td width="78%" class="vtable"><input name="def_nntp_ports" - type="text" class="formfld" id="def_nntp_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_nntp_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 119.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define RLOGIN_PORTS</td> - <td width="78%" class="vtable"><input name="def_rlogin_ports" - type="text" class="formfld" id="def_rlogin_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_rlogin_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 513.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define RSH_PORTS</td> - <td width="78%" class="vtable"><input name="def_rsh_ports" - type="text" class="formfld" id="def_rsh_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_rsh_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 514.</span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Define SSL_PORTS</td> - <td width="78%" class="vtable"><input name="def_ssl_ports" - type="text" class="formfld" id="def_ssl_ports" size="40" - value="<?=htmlspecialchars($pconfig['def_ssl_ports']);?>"> <br> - <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is 25,443,465,636,993,995.</span></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> - <input name="id" type="hidden" value="<?=$id;?>"> + <td width='22%' valign='top' class='vncell'>Define <?=$label;?></td> + <td width="78%" class="vtable"> + <input name="def_<?=$key;?>" + type="text" autocomplete="off" class="formfldalias" id="def_<?=$key;?>" + value="<?=$value;?>"> <br/> + <span class="vexpl">Default value: "<?=$server;?>" <br/>Leave + blank for default value.</span> </td> </tr> +<?php endforeach; ?> + <tr> + <td colspan="2" valign="top" class="listtopic">Define Ports</td> + </tr> +<?php + foreach ($snort_ports as $key => $server): + $server = substr($server, 0, 20); + $label = strtoupper($key); + $value = ""; + if (!empty($pconfig["def_{$key}"])) + $value = htmlspecialchars($pconfig["def_{$key}"]); +?> <tr> - <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong>Note:</strong></span> - <br> - Please save your settings before you click start. </td> + <td width='22%' valign='top' class='vncell'>Define <?=$label;?></td> + <td width="78%" class="vtable"><input name="def_<?=$key;?>" + type="text" autocomplete="off" class="formfldalias" id="def_<?=$key;?>" + value="<?=$value;?>"> <br/> + <span class="vexpl">Default value: "<?=$server;?>" <br/> Leave + blank for default value.</span> + </td> </tr> - </table> +<?php endforeach; ?> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save"> + <input name="id" type="hidden" value="<?=$id;?>"> + </td> + </tr> + </table> </td></tr> </table> </form> +<script type="text/javascript"> +<?php + $isfirst = 0; + $aliases = ""; + $addrisfirst = 0; + $portisfirst = 0; + $aliasesaddr = ""; + $aliasesports = ""; + if(isset($config['aliases']['alias']) && is_array($config['aliases']['alias'])) + foreach($config['aliases']['alias'] as $alias_name) { + if ($alias_name['type'] == "host" || $alias_name['type'] == "network") { + if($addrisfirst == 1) $aliasesaddr .= ","; + $aliasesaddr .= "'" . $alias_name['name'] . "'"; + $addrisfirst = 1; + } else if ($alias_name['type'] == "port") { + if($portisfirst == 1) $aliasesports .= ","; + $aliasesports .= "'" . $alias_name['name'] . "'"; + $portisfirst = 1; + } + } +?> + + var addressarray=new Array(<?php echo $aliasesaddr; ?>); + var portsarray=new Array(<?php echo $aliasesports; ?>); + +function createAutoSuggest() { +<?php + foreach ($snort_servers as $key => $server) + echo "objAlias{$key} = new AutoSuggestControl(document.getElementById('def_{$key}'), new StateSuggestions(addressarray));\n"; + foreach ($snort_ports as $key => $server) + echo "pobjAlias{$key} = new AutoSuggestControl(document.getElementById('def_{$key}'), new StateSuggestions(portsarray));\n"; +?> +} + +setTimeout("createAutoSuggest();", 500); + +</script> + <?php include("fend.inc"); ?> </body> </html> diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index aa6ca238..c86f60d3 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php @@ -85,8 +85,6 @@ if (isset($id) && $a_whitelist[$id]) { $pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips']; $pconfig['vips'] = $a_whitelist[$id]['vips']; $pconfig['vpnips'] = $a_whitelist[$id]['vpnips']; - $addresses = explode(' ', $pconfig['address']); - $address = explode(" ", $addresses[0]); } if ($_POST['submit']) { @@ -103,13 +101,8 @@ if ($_POST['submit']) { if(strtolower($_POST['name']) == "defaultwhitelist") $input_errors[] = "Whitelist file names may not be named defaultwhitelist."; - $x = is_validwhitelistname($_POST['name']); - if (!isset($x)) { - $input_errors[] = "Reserved word used for whitelist file name."; - } else { - if (is_validwhitelistname($_POST['name']) == false) - $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset."; - } + if (is_validwhitelistname($_POST['name']) == false) + $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset."; /* check for name conflicts */ foreach ($a_whitelist as $w_list) { @@ -122,33 +115,9 @@ if ($_POST['submit']) { } } - $isfirst = 0; - $address = ""; - $final_address_details .= ""; - /* add another entry code */ - for($x=0; $x<499; $x++) { - if (!empty($_POST["address{$x}"])) { - if ($is_first > 0) - $address .= " "; - $address .= $_POST["address{$x}"]; - if ($_POST["address_subnet{$x}"] <> "") - $address .= "" . $_POST["address_subnet{$x}"]; - - /* Compress in details to a single key, data separated by pipes. - Pulling details here lets us only pull in details for valid - address entries, saving us from having to track which ones to - process later. */ - $final_address_detail = mb_convert_encoding($_POST["detail{$x}"],'HTML-ENTITIES','auto'); - if ($final_address_detail <> "") - $final_address_details .= $final_address_detail; - else { - $final_address_details .= "Entry added" . " "; - $final_address_details .= date('r'); - } - $final_address_details .= "||"; - $is_first++; - } - } + if ($_POST['address']) + if (!is_alias($_POST['address'])) + $input_errors[] = "A valid alias need to be provided"; if (!$input_errors) { $w_list = array(); @@ -161,7 +130,7 @@ if ($_POST['submit']) { $w_list['vips'] = $_POST['vips']? 'yes' : 'no'; $w_list['vpnips'] = $_POST['vpnips']? 'yes' : 'no'; - $w_list['address'] = $address; + $w_list['address'] = $_POST['address']; $w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); $w_list['detail'] = $final_address_details; @@ -177,12 +146,7 @@ if ($_POST['submit']) { header("Location: /snort/snort_interfaces_whitelist.php"); exit; - } else { - $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); - $pconfig['address'] = $address; - $pconfig['detail'] = $final_address_details; } - } $pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid"; @@ -193,27 +157,15 @@ include_once("head.inc"); <?php include("fbegin.inc"); -?> -<script type="text/javascript" src="/javascript/row_helper.js"></script> - <input type='hidden' name='address_type' value='textbox' /> - <script type="text/javascript"> - - rowname[0] = "address"; - rowtype[0] = "textbox"; - rowsize[0] = "20"; - - rowname[1] = "detail"; - rowtype[1] = "textbox"; - rowsize[1] = "30"; -</script> - -<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} if ($input_errors) print_input_errors($input_errors); if ($savemsg) print_info_box($savemsg); ?> - +<script type="text/javascript" src="/javascript/autosuggest.js"> +</script> +<script type="text/javascript" src="/javascript/suggestions.js"> +</script> <form action="snort_interfaces_whitelist_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabcont"> @@ -282,61 +234,11 @@ if ($savemsg) </tr> <tr> <td width="22%" valign="top" class="vncellreq"> - <div id="addressnetworkport">IP or CIDR items</div> + <div id="addressnetworkport">Alias of IP's</div> </td> <td width="78%" class="vtable"> - <table id="maintable"> - <tbody> - <tr> - <td colspan="4"> - <div - style="padding: 5px; margin-top: 16px; margin-bottom: 16px; border: 1px dashed #ff3333; background-color: #eee; color: #000; font-size: 8pt;" - id="itemhelp">For <strong>WHITELIST's</strong> enter <strong>ONLY - IPs not CIDRs</strong>. Example: 192.168.4.1<br> - <br> - For <strong>NETLIST's</strong> you may enter <strong>IPs and - CIDRs</strong>. Example: 192.168.4.1 or 192.168.4.0/24</div> - </td> - </tr> - <tr> - <td> - <div id="onecolumn">IP or CIDR</div> - </td> - <td> - <div id="threecolumn">Add a Description or leave blank and a date - will be added.</div> - </td> - </tr> - - <?php - /* cleanup code */ - $counter = 0; - $address = $pconfig['address']; - if ($address <> ""): - $item = explode(" ", $address); - $item3 = explode("||", $pconfig['detail']); - foreach($item as $ww): - $address = $item[$counter]; - $item4 = $item3[$counter]; - ?> - <tr> - <td><input name="address<?php echo $counter; ?>" class="formfld unknown" type="text" id="address<?php echo $counter; ?>" size="30" value="<?=htmlspecialchars($address);?>" /></td> - <td><input name="detail<?php echo $counter; ?>" class="formfld unknown" type="text" id="address<?php echo $counter; ?>" size="50" value="<?=$item4;?>" /></td> - <td> - <?php echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />"; ?> - </td> - </tr> - <?php - $counter++; - - endforeach; endif; - ?> - </tbody> - </table> - <a onclick="javascript:addRowTo('maintable'); return false;" - href="#"><img border="0" - src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" - title="add another entry" /> </a></td> + <input autocomplete="off" name="address" type="text" class="formfldalias" id="address" size="30" value="<?=htmlspecialchars($pconfig['address']);?>" /> + </td> </tr> <tr> <td width="22%" valign="top"> </td> @@ -350,17 +252,33 @@ if ($savemsg) </td></tr> </table> </form> - <script type="text/javascript"> -/* row and col adjust when you add extra entries */ +<?php + $isfirst = 0; + $aliases = ""; + $addrisfirst = 0; + $aliasesaddr = ""; + if(isset($config['aliases']['alias']) && is_array($config['aliases']['alias'])) + foreach($config['aliases']['alias'] as $alias_name) { + if ($alias_name['type'] != "host" && $alias_name['type'] != "network") + continue; + if($addrisfirst == 1) $aliasesaddr .= ","; + $aliasesaddr .= "'" . $alias_name['name'] . "'"; + $addrisfirst = 1; + } +?> -field_counter_js = 3; - rows = 1; - totalrows = <?php echo $counter; ?>; - loaded = <?php echo $counter; ?>; - -</script> + var addressarray=new Array(<?php echo $aliasesaddr; ?>); +function createAutoSuggest() { +<?php + echo "objAlias = new AutoSuggestControl(document.getElementById('address'), new StateSuggestions(addressarray));\n"; +?> +} + +setTimeout("createAutoSuggest();", 500); + +</script> <?php include("fend.inc"); ?> </body> </html> |