aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrobiscool <robrob2626@yahoo.com>2011-05-26 07:20:27 -0700
committerrobiscool <robrob2626@yahoo.com>2011-05-26 09:17:10 -0700
commitbd664276c67a11b92c027ba569157460481d37e6 (patch)
treea3d18c74483349297caaf25c5e43e62ff3ede449
parent54c49bf2b5358b35602cae3cf6a9fead0ba886e5 (diff)
downloadpfsense-packages-bd664276c67a11b92c027ba569157460481d37e6.tar.gz
pfsense-packages-bd664276c67a11b92c027ba569157460481d37e6.tar.bz2
pfsense-packages-bd664276c67a11b92c027ba569157460481d37e6.zip
snort-dev, add rules and rulesets tabs
-rw-r--r--config/snort-dev/base_file.php132
-rw-r--r--config/snort-dev/css/style_snort2.css53
-rw-r--r--config/snort-dev/images/loading.gifbin0 -> 404 bytes
-rw-r--r--config/snort-dev/javascript/snort_globalsend.js156
-rw-r--r--config/snort-dev/snortDBrulesbin12288 -> 14336 bytes
-rw-r--r--config/snort-dev/snort_head.inc22
-rw-r--r--config/snort-dev/snort_headbase.inc26
-rw-r--r--config/snort-dev/snort_interfaces_edit.php2
-rw-r--r--config/snort-dev/snort_json_get.php10
-rw-r--r--config/snort-dev/snort_json_post.php78
-rw-r--r--config/snort-dev/snort_new.inc249
-rw-r--r--config/snort-dev/snort_rules.php517
-rw-r--r--config/snort-dev/snort_rulesets.php278
-rw-r--r--config/snort-dev/testing.php28
14 files changed, 1243 insertions, 308 deletions
diff --git a/config/snort-dev/base_file.php b/config/snort-dev/base_file.php
deleted file mode 100644
index 168a39fb..00000000
--- a/config/snort-dev/base_file.php
+++ /dev/null
@@ -1,132 +0,0 @@
-<?php
-/* $Id$ */
-/*
- snort_interfaces.php
- part of m0n0wall (http://m0n0.ch/wall)
-
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- Copyright (C) 2008-2009 Robert Zelaya.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-
-require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort_new.inc");
-require_once("/usr/local/pkg/snort/snort_gui.inc");
-
-// set page vars
-
-$uuid = $_GET['uuid'];
-if (isset($_POST['uuid']))
-$uuid = $_POST['uuid'];
-
-if ($uuid == '') {
- echo 'error: no uuid';
- exit(0);
-}
-
-
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
-
-
-
-
-
- $pgtitle = "Services: Snort: Interface Edit:";
- include("/usr/local/pkg/snort/snort_head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-
-<div id="loadingWaiting">
- <p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
-</div>
-
-<?php include("fbegin.inc"); ?>
-<!-- hack to fix the hardcoed fbegin link in header -->
-<div id="header-left2">
-<a href="../index.php" id="status-link2">
-<img src="./images/transparent.gif" border="0"></img>
-</a>
-</div>
-
-<div class="body2"><!-- hack to fix the hardcoed fbegin link in header -->
-<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
-
- <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
- <ul class="newtabmenu">
- <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
- <li class="newtabmenu_active"><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li>
- <li><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li>
- <li><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li>
- <li><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li>
- <li><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li>
- <li><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li>
- </ul>
- </div>
-
- </td>
- </tr>
- <tr>
- <td id="tdbggrey">
- <table width="100%" border="0" cellpadding="10px" cellspacing="0">
- <tr>
- <td class="tabnavtbl">
- <table width="100%" border="0" cellpadding="6" cellspacing="0">
- <!-- START MAIN AREA -->
-
- <form id="iform" >
- <input type="hidden" name="snortSaveSettings" value="1" /> <!-- what to do, save -->
- <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
- <input type="hidden" name="dbTable" value="Snortrules" /> <!-- what db table-->
- <input type="hidden" name="ifaceTab" value="snort_interfaces_edit" /> <!-- what interface tab -->
-
-
-
-
- </form>
- <!-- STOP MAIN AREA -->
- </table>
- </td>
- </tr>
- </table>
- </td>
- </tr>
-</table>
-</div>
-
-
-<!-- footer do not touch below -->
-<?php
-include("fend.inc");
-echo $snort_custom_rnd_box;
-?>
-
-
-</body>
-</html>
diff --git a/config/snort-dev/css/style_snort2.css b/config/snort-dev/css/style_snort2.css
index 91e63e88..07d21de6 100644
--- a/config/snort-dev/css/style_snort2.css
+++ b/config/snort-dev/css/style_snort2.css
@@ -6,24 +6,44 @@ a {
}
*/
+
+#right {
+
+ position: relative;
+ top: -10px;
+ left: 0px;
+ width: 770px;
+ margin-top: 0px;
+ margin-left: 5px;
+ margin-right: 5px;
+ padding-top: 20px;
+ padding-left: 0px;
+ padding-right: 0px;
+ padding-bottom: 90px;
+ min-height: 400px;
+
+}
+
.odd_ruleset2 {
+ text-align: center;
background-color: #ffffff;
border-left: 1px solid #999999;
border-bottom: 1px solid #999999;
font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
+ padding-right: 2px;
+ padding-left: 2px;
padding-top: 4px;
padding-bottom: 4px;
}
.even_ruleset2 {
+ text-align: center;
background-color: #eeeeee;
border-left: 1px solid #999999;
border-bottom: 1px solid #999999;
font-size: 11px;
- padding-right: 6px;
- padding-left: 6px;
+ padding-right: 2px;
+ padding-left: 2px;
padding-top: 4px;
padding-bottom: 4px;
}
@@ -67,7 +87,7 @@ a {
visibility:hidden;
}
-#loadingWaiting {
+#loadingWaiting, #loadingRuleEditGUI{
display:none;
position:fixed;
left:0;
@@ -75,8 +95,21 @@ a {
width:100%;
height:100%;
background-image:url("/snort/images/transparentbg.png");
- z-index: 9999;
- color: fff;
+ z-index: 9998;
+ color: #ffffff;
+}
+
+.loadingRuleEditGUIDiv {
+
+ position: absolute;
+ top: 2%;
+ left: 5%;
+ right: 5%;
+ bottom: 50%;
+ color: #ffffff;
+ z-index: 9999;
+ text-align: center;
+
}
.loadingWaitingMessage {
@@ -84,7 +117,7 @@ a {
position: absolute;
top: 25%;
left: 50%;
- color: #fff;
+ color: #ffffff;
z-index: 9999;
text-align: center;
@@ -92,8 +125,8 @@ a {
.listhdrr2 {
background-color: #BBBBBB;
- padding-right: 9px;
- padding-left: 6px;
+ padding-right: 1px;
+ padding-left: 1px;
font-weight: bold;
border-right: 1px solid #999999;
border-bottom: 1px solid #999999;
diff --git a/config/snort-dev/images/loading.gif b/config/snort-dev/images/loading.gif
new file mode 100644
index 00000000..cbc00f09
--- /dev/null
+++ b/config/snort-dev/images/loading.gif
Binary files differ
diff --git a/config/snort-dev/javascript/snort_globalsend.js b/config/snort-dev/javascript/snort_globalsend.js
index b8fde968..9f721053 100644
--- a/config/snort-dev/javascript/snort_globalsend.js
+++ b/config/snort-dev/javascript/snort_globalsend.js
@@ -1,30 +1,22 @@
jQuery.noConflict();
//prepare the form when the DOM is ready
-jQuery(document).ready(function() {
-
+jQuery(document).ready(function() {
+
jQuery(".icon_click").live('mouseover', function() {
jQuery(this).css('cursor', 'pointer');
});
//-------------------START Misc-------------------------------------------
-
- /*
- * Gives you even true or false on even numbers
- */
- window.isEven = function(someNumber) {
-
- return (someNumber%2 == 0) ? true : false;
-
- };
/*! Needs to be watched not my code <- IMPORTANT
* JavaScript UUID Generator, v0.0.1
*
* Copyright (c) 2009 Massimo Lombardo.
* Dual licensed under the MIT and the GNU GPL licenses.
- */
+ */
+
function genUUID() {
var uuid = (function () {
var i,
@@ -47,40 +39,94 @@ jQuery(document).ready(function() {
}
};
}
+
+ //-------------------START Misc GLOBAL WINDOW-------------------------------------------
+ // NOTE: try not to add to manny of thses
+
+ /*
+ * Gives you even true or false on even numbers
+ */
+ window.isEven = function(someNumber) {
+
+ return (someNumber%2 == 0) ? true : false;
+
+ };
+
+ /*
+ * Loop through object with timeout.
+ * NOTE: IE9 still has issues. Example : deleted rules (6000+ sigs).
+ * Break up heavy javascript intensive processing into smaller parts. Used to stop "browser Stop responding" warnings.
+ */
+
+ /*
+ function processLoop( actionFunc, numTimes, numWait, doneFunc ) {
+ var i = 0;
+ var f = function () {
+ if (i < numTimes) {
+ actionFunc( i++ ); // closure on i
+ setTimeout( f, numWait );
+ }
+ else if (doneFunc) {
+ doneFunc();
+ }
+ };
+ f();
+ }
+ */
+
+ window.incrementallyProcess = function(workerCallback, data, chunkSize, timeout, completionCallback) {
+ var i = 0;
+ (function() {
+ var remainingDataLength = (data.length - i);
+ var currentChunkSize = (remainingDataLength >= chunkSize) ? chunkSize : remainingDataLength;
+ if(i < data.length) {
+ while(currentChunkSize--) {
+ workerCallback(i++);
+ }
+ setTimeout(arguments.callee, timeout);
+ } else if(completionCallback) {
+ completionCallback();
+ }
+ })();
+ };
+
+ // Please wait code
+ window.hideLoading = function(thisLocation){
+ jQuery(thisLocation).hide();
+ };
+
+ // Please wait code
+ window.showLoading = function(thisLocation){
+ jQuery(thisLocation).show();
+ };
+
//--------------------------- START select all code ---------------------------
- jQuery('#select_all').live('click', function() {
+ jQuery('#select_all').live('click', function(){
checkAll(jQuery('.domecheck'));
});
- jQuery('#deselect_all').live('click', function() {
+ jQuery('#deselect_all').live('click', function(){
uncheckAll(jQuery('.domecheck'));
});
- function checkAll(field)
- {
- for (i = 0; i < field.length; i++)
- {
+ function checkAll(field){
+ for (i = 0; i < field.length; i++){
field[i].checked = true;
}
}
- function uncheckAll(field)
- {
- for (i = 0; i < field.length; i++)
- {
+ function uncheckAll(field){
+ for (i = 0; i < field.length; i++){
field[i].checked = false;
}
}
-
- //--------------------------- STOP select all code --------------------------
-
// -------------------------- START cancel form code -------------------------------------------
//jQuery('#cancel').click(function() {
- jQuery('#cancel').live('click', function() {
+ jQuery('#cancel').live('click', function(){
location.reload();
@@ -94,15 +140,13 @@ jQuery(document).ready(function() {
var NewRow_UUID = genUUID();
var rowNumCount = jQuery("#address").length;
- if (rowNumCount > 0)
- {
+ if (rowNumCount > 0){
// stop empty
var prevAddressAll_ck = jQuery('tr[id^=maintable_]');
var prevAddress_ck = prevAddressAll_ck[prevAddressAll_ck.length-1].id;
var prevAddressEmpty_ck = jQuery.trim(jQuery('#' + prevAddress_ck + ' #address').val());
- if (prevAddressEmpty_ck === '')
- {
+ if (prevAddressEmpty_ck === ''){
return false;
}
}
@@ -127,12 +171,11 @@ jQuery(document).ready(function() {
// ------------------------------- START remove row element ---------------------------------------
- function removeRow()
- {
+ function removeRow(){
jQuery("#maintable_" + window.RemoveRow_UUID).remove();
}
- jQuery(".icon_x").live('click', function() {
+ jQuery(".icon_x").live('click', function(){
var elem = getBaseElement(this.id); // this.id gets id of .icon_x
@@ -142,8 +185,8 @@ jQuery(document).ready(function() {
window.RemoveRow_DB = jQuery("#maintable_" + window.RemoveRow_UUID).data("options").pagedb;
window.RemoveRow_POST = jQuery("#maintable_" + window.RemoveRow_UUID).data("options").DoPOST;
- if (window.RemoveRow_POST === 'true') // snort_interfaces_whitelist
- {
+ // snort_interfaces_whitelist
+ if (window.RemoveRow_POST === 'true'){
if(confirm('Do you really want to delete this list? (e.g. snort rules will fall back to the default list)!')) {
jQuery("#maintable_" + window.RemoveRow_UUID).fadeOut("fast");
@@ -155,8 +198,7 @@ jQuery(document).ready(function() {
}
// remove element NO post
- if (window.RemoveRow_POST === 'false')
- {
+ if (window.RemoveRow_POST === 'false'){
jQuery("#maintable_" + window.RemoveRow_UUID).fadeOut("fast");
@@ -169,15 +211,15 @@ jQuery(document).ready(function() {
});
- function RMlistDBDelCall() {
+ function RMlistDBDelCall(){
return RemoveRow_DB;
}
- function RMlistTableDelCall() {
+ function RMlistTableDelCall(){
return RemoveRow_Table;
}
- function RMlistUuidDelCall() {
+ function RMlistUuidDelCall(){
return RemoveRow_UUID;
}
@@ -193,14 +235,13 @@ jQuery(document).ready(function() {
}
// post-submit callback if snort_json_post.php returns true or false
- function showResponseRMlist(data) {
+ function showResponseRMlist(data){
//alert('test');
}
- function getBaseElement(elem)
- {
+ function getBaseElement(elem){
elem = elem + "";
var len = elem.length;
var lPos = elem.lastIndexOf("_") * 1;
@@ -229,7 +270,7 @@ jQuery(document).ready(function() {
/* general form */
//jQuery('#iform').submit(function() {
- jQuery('#iform, #iform2, #iform3').live('submit', function() {
+ jQuery('#iform, #iform2, #iform3').live('submit', function(){
jQuery(this).ajaxSubmit(options);
@@ -241,10 +282,6 @@ jQuery(document).ready(function() {
var queryString = jQuery.param(formData);
- // Please wait code
- function showLoading() {
- jQuery("#loadingWaiting").show();
- }
// call to please wait
showLoading();
@@ -254,13 +291,9 @@ jQuery(document).ready(function() {
return true;
}
- function hideLoading()
- {
- jQuery("#loadingWaiting").hide();
- }
+
- function downloadsnortlogs(data)
- {
+ function downloadsnortlogs(data){
jQuery('.hiddendownloadlink').append('<iframe width="1" height="1" frameborder="0" src="/snort/snort_json_get.php?snortlogdownload=1&snortlogfilename=' + data.downloadfilename + '" ></iframe>');
var appendElem = jQuery('<br> <span>success...<span>');
@@ -270,36 +303,31 @@ jQuery(document).ready(function() {
// After Save Calls display
var appendElem = jQuery('<br> <span>success...<span>');
- function finnish()
- {
+ function finnish(){
hideLoading();
appendElem.remove();
updatestarted = 1;
}
- function showResponse(data, responseText, statusText, xhr, $form)
- {
+ function showResponse(data, responseText, statusText, xhr, $form){
// START of fill call to user
if (responseText === 'success') {
// snort logs download success
- if (data.downloadfilename !== '' && data.snortdownload === 'success')
- {
+ if (data.downloadfilename !== '' && data.snortdownload === 'success'){
downloadsnortlogs(data);
}
// succsess display
- if (data.snortgeneralsettings === 'success' || data.snortdelete === 'success' || data.snortreset === 'success')
- {
+ if (data.snortgeneralsettings === 'success' || data.snortdelete === 'success' || data.snortreset === 'success'){
// sucsses msg
appendElem.appendTo('.loadingWaitingMessage');
// Clean up Waiting code
finnish();
- if (data.snortUnhideTabs === 'true')
- {
+ if (data.snortUnhideTabs === 'true'){
jQuery('.hide_newtabmenu').show();
}
diff --git a/config/snort-dev/snortDBrules b/config/snort-dev/snortDBrules
index 7a0acc3f..cd5da7e0 100644
--- a/config/snort-dev/snortDBrules
+++ b/config/snort-dev/snortDBrules
Binary files differ
diff --git a/config/snort-dev/snort_head.inc b/config/snort-dev/snort_head.inc
index 8f9bf9b4..6addeaaa 100644
--- a/config/snort-dev/snort_head.inc
+++ b/config/snort-dev/snort_head.inc
@@ -34,14 +34,6 @@ $pagetitle = gentitle( $pgtitle );
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="apple-touch-icon" href="/themes/<?php echo $g['theme']; ?>/apple-touch-icon.png"/>
-
-<!-- snort custom javascript and css -->
-
-<?php include('/usr/local/pkg/snort/snort_headbase.inc'); ?>
-
-<!-- remove Only used to test conflicts -->
-
-
<?php if (strpos($_SERVER["SCRIPT_FILENAME"], "wizard.php") !== false &&
file_exists("{$g['www_path']}/themes/{$g['theme']}/wizard.css")): ?>
<?php echo "<style type=\"text/css\" src=\"/themes/{$g['theme']}/wizard.css\"></style>"; ?>
@@ -55,7 +47,16 @@ $pagetitle = gentitle( $pgtitle );
<script type="text/javascript">
var theme = "<?php echo $g['theme']; ?>";
</script>
- <?php echo "\t<script type=\"text/javascript\" src=\"/themes/{$g['theme']}/loader.js\"></script>\n"; ?>
+ <?php echo "\t<script type=\"text/javascript\" src=\"/themes/{$g['theme']}/loader.js\"></script>\n"; ?>
+
+<?php
+ //<!-- snort custom javascript and css -->
+ echo "\n";
+ include('/usr/local/pkg/snort/snort_headbase.inc');
+ echo "\n";
+ //<!-- snort custom javascript and css -->
+?>
+
<?php
if($_GET['enablefirebuglite']) {
echo "\t<script type=\"text/javascript\" src=\"/javascript/pi.js\"></script>\n";
@@ -85,7 +86,8 @@ $pagetitle = gentitle( $pgtitle );
closedir($dh);
}
}
-
+
+
if (!isset($closehead))
echo "</head>";
diff --git a/config/snort-dev/snort_headbase.inc b/config/snort-dev/snort_headbase.inc
index 38165213..4cf02489 100644
--- a/config/snort-dev/snort_headbase.inc
+++ b/config/snort-dev/snort_headbase.inc
@@ -1,27 +1,17 @@
-<?php if ($config['version'] >= 6): ?>
-<link rel="stylesheet" type="text/css" href="/themes/<?php echo $g['theme']; ?>/new_tab_menu.css"media="all">
-<?php else: ?>
-<link rel="stylesheet" type="text/css" href="./css/new_tab_menu.css" media="all">
-<?php endif; ?>
-
-<link rel="stylesheet" type="text/css" href="./css/sexybuttons.css" media="all" />
-<link rel="stylesheet" type="text/css" href="./css/style_snort2.css" media="all" />
-
-<?php
-echo "\t<script type=\"text/javascript\" src=\"./javascript/jquery-1.6.min.js\"></script>\n";
+<!-- START of Snort Package css and javascript -->
-echo "\t<script type=\"text/javascript\" src=\"./javascript/jquery.form.js\"></script>\n";
-
-
-//echo "\t<link href=\"./css/jquery.bubblepopup.v2.3.1.css\" rel=\"stylesheet\" type=\"text/css\" />\n";
-//echo "\t<script src=\"./javascript/jquery.bubblepopup.v2.3.1.min.js\" type=\"text/javascript\"></script>\n";
+<link rel="stylesheet" type="text/css" href="./css/style_snort2.css" media="all" />
+<!-- <link rel="stylesheet" type="text/css" href="./css/jquery.bubblepopup.v2.3.1.css" media="all" /> -->
-echo "\t<script type=\"text/javascript\" src=\"./javascript/snort_globalsend.js\"></script>\n";
+<script type="text/javascript" src="./javascript/jquery-1.6.min.js"></script>
+<script type="text/javascript" src="./javascript/snort_globalsend.js"></script>
+<script type="text/javascript" src="./javascript/jquery.form.js"></script>
+<!-- <script type="text/javascript" src="./javascript/jquery.bubblepopup.v2.3.1.min.js"></script> -->
+<!-- STOP of Snort Package css and javascript -->
-?>
<?php
// this has to be loaded at the bottom
diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php
index aec03e3b..2eca2b80 100644
--- a/config/snort-dev/snort_interfaces_edit.php
+++ b/config/snort-dev/snort_interfaces_edit.php
@@ -169,7 +169,7 @@ jQuery(document).ready(function() {
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
- <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <div class="newtabmenu" style="margin: 1px 0px; width: 790px;"><!-- Tabbed bar code-->
<ul class="newtabmenu">
<li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
<li class="newtabmenu_active"><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li>
diff --git a/config/snort-dev/snort_json_get.php b/config/snort-dev/snort_json_get.php
index f991f10b..a8cdcd2d 100644
--- a/config/snort-dev/snort_json_get.php
+++ b/config/snort-dev/snort_json_get.php
@@ -18,7 +18,17 @@ if ($_GET['snortlogdownload'] == 1)
}
+// send Json sid string
+if ($_GET['snortGetSidString'] == 1)
+{
+
+ // unset
+ unset($_GET['snortGetSidString']);
+
+ // get the SID string from file
+ sendSidStringRuleEditGUI();
+}
diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php
index 2431beec..8cf72f67 100644
--- a/config/snort-dev/snort_json_post.php
+++ b/config/snort-dev/snort_json_post.php
@@ -11,55 +11,55 @@ if(isset($_POST['__csrf_magic']))
}
// return codes
-$snortJsonReturnCode_success = '
-{
-"snortgeneralsettings": "success"
+$snortJsonReturnCode_success = '{"snortgeneralsettings":"success"}';
+
+$snortJsonReturnCode_fail = '{"snortgeneralsettings":"fail"}';
+
+function snortJsonReturnCode($returnStatus)
+{
+ if ($returnStatus == true)
+ {
+ echo '{"snortgeneralsettings":"success","snortUnhideTabs":"true"}';
+ }else{
+ echo '{"snortgeneralsettings":"fail"}';
+ }
}
-';
-$snortJsonReturnCode_fail = '
+// row from db by uuid
+if ($_POST['snortSidRuleEdit'] == 1)
{
-"snortgeneralsettings": "fail"
+
+ unset($_POST['snortSidRuleEdit']);
+
+ snortSidStringRuleEditGUI();
+
}
-';
-
- function snortJsonReturnCode($returnStatus)
- {
-
- if ($returnStatus == true)
- {
- echo '
- {
- "snortgeneralsettings": "success", "snortUnhideTabs": "true"
- }
- ';
- }else{
- echo '
- {
- "snortgeneralsettings": "fail"
- }
- ';
- }
-
- }
- // row from db by uuid
+// row from db by uuid
if ($_POST['snortSaveRuleSets'] == 1)
{
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveSettings']);
- unset($_POST['ifaceTab']);
+ if ($_POST['ifaceTab'] == 'snort_rulesets')
+ {
+ // unset POSTs that are markers not in db
+ unset($_POST['snortSaveRuleSets']);
+ unset($_POST['ifaceTab']);
+
+ snortJsonReturnCode(snortSql_updateRuleSetList());
+
+ }
+
+
+ if ($_POST['ifaceTab'] == 'snort_rules')
+ {
+ // unset POSTs that are markers not in db
+ unset($_POST['snortSaveRuleSets']);
+ unset($_POST['ifaceTab']);
+
+ snortJsonReturnCode(snortSql_updateRuleSigList());
+ }
- if(snortSql_updateRuleSetList($_POST['dbName'], $_POST['dbTable'], $_POST['filenamcheckbox'], $_POST['ifaceuuid']))
- {
- echo $snortJsonReturnCode_success;
- return true;
- }else{
- echo $snortJsonReturnCode_fail;
- return false;
- }
} // END of rulesSets
diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc
index a437db09..9f318af0 100644
--- a/config/snort-dev/snort_new.inc
+++ b/config/snort-dev/snort_new.inc
@@ -6,9 +6,250 @@ if(isset($_POST['__csrf_magic']))
unset($_POST['__csrf_magic']);
}
+// Wites selected sig to file
+function snortSidStringRuleEditGUI()
+{
+
+ $workingFile = '/usr/local/etc/snort/sn_' . $_POST['snortSidRuleIface'] . '/rules/' . $_POST['snortSidRuleFile'];
+
+ $splitcontents = split_rule_file($workingFile);
+
+ if (!empty($splitcontents))
+ {
+ $sidLinePosPre = exec('/usr/bin/sed -n /sid:' . $_POST['snortSidNum'] . '\;/= ' . $workingFile);
+ $sidLinePos = $sidLinePosPre - 1;
+
+ $splitcontents[$sidLinePos] = $_POST['sidstring'];
+
+
+ write_rule_file($splitcontents, $workingFile);
+
+ return true;
+ }
+
+ return false;
+
+}
+
+function sendSidStringRuleEditGUI()
+{
+
+ $sidCall = exec('sed -n "/alert.*sid:' . $_GET['sid'] . ';.*/p" /usr/local/etc/snort/sn_' . $_GET['snortIface'] . '/rules/' . $_GET['snortRuleFile']);
+ $sidCallJsonFilter = escapeJsonString($sidCall);
+
+ echo '{"sidstring":' . '"' . $sidCallJsonFilter . '","sid":' . '"' . $_GET['sid'] . '"}';
+ return true;
+}
+
+
+function escapeJsonString($escapeString)
+{
+ $search = array('\\', '\n', '\r', '\u', '\t', '\f', '\b', '/', '"');
+ $replace = array('\\\\', '\\n', '\\r', '\\u', '\\t', '\\f', '\\b', '\/', '\"');
+ $encoded_string = str_replace($search, $replace, $escapeString);
+
+ return $encoded_string;
+
+}
+
+// limit the length of the given string to $MAX_LENGTH char
+function trimLength($s) {
+
+
+ $MAX_LENGTH = 13;
+ $str_to_count = $s;
+ if (strlen($str_to_count) <= $MAX_LENGTH) {
+ return $s;
+ }
+
+ $s2 = substr($str_to_count, 0, $MAX_LENGTH - 3);
+ $s2 .= "...";
+ return $s2;
+}
+
+
+// builds base array with sid etc....
+function newFilterRuleSig($baseruleArray)
+{
+
+ function get_middle($source, $beginning, $ending, $init_pos)
+ {
+ $beginning_pos = strpos($source, $beginning, $init_pos);
+ $middle_pos = $beginning_pos + strlen($beginning);
+ $ending_pos = strpos($source, $ending, $beginning_pos);
+ $middle = substr($source, $middle_pos, $ending_pos - $middle_pos);
+ return $middle;
+ }
+
+
+ $i = 0;
+ $newSigArray[] = array();
+ foreach ( $baseruleArray as $value )
+ {
+
+ // add sid
+ $newSigArray[$i]['sid'] = get_middle($value, 'sid:', ';', 0);
+
+ // remove whitespaces
+ $rmWhitespaces = preg_replace('/\s\s+/', ' ', $value);
+ // remove whitespace betwin # aerrt
+ $rmAlertWhitespace = preg_replace('/^# alert/', '#alert', $rmWhitespaces);
+ $splitcontents = explode(' ', $rmAlertWhitespace);
+
+ // enable or disable
+ if ($splitcontents[0] === '#alert')
+ {
+ $newSigArray[$i]['enable'] = 'off';
+ }else{
+ $newSigArray[$i]['enable'] = 'on';
+ }
+
+ // proto
+ $newSigArray[$i]['proto'] = $splitcontents[1];
+
+ // source
+ $newSigArray[$i]['src'] = trimLength($splitcontents[2]);
+
+ // source port
+ $newSigArray[$i]['srcport'] = trimLength($splitcontents[3]);
+
+ // Destination
+ $newSigArray[$i]['dst'] = trimLength($splitcontents[5]);
+
+ // Destination port
+ $newSigArray[$i]['dstport'] = trimLength($splitcontents[6]);
+
+ // sig message
+ $newSigArray[$i]['msg'] = get_middle($value, 'msg:"', '";', 0);
+
+ $i++;
+ }
+
+ return $newSigArray;
+}
+
+
+function split_rule_file($workingFile)
+{
+ $filehandle = fopen($workingFile, "r");
+ $contents = fread($filehandle, filesize($workingFile));
+
+ fclose ($filehandle);
+
+ $delimiter = "\n";
+
+ $splitcontents = explode($delimiter, $contents);
+
+ return $splitcontents;
+}
+
+
+// write rule file to disk
+function write_rule_file($content_changed, $received_file)
+{
+ //read snort file with writing enabled
+ $filehandle = fopen($received_file, "w");
+
+ //delimiter for each new rule is a new line
+ $delimiter = "\n";
+
+ //implode the array back into a string for writing purposes
+ $fullfile = implode($delimiter, $content_changed);
+
+ //write data to file
+ fwrite($filehandle, $fullfile);
+
+ //close file handle
+ fclose($filehandle);
+
+}
// Save ruleSets settings
+function snortSql_updateRuleSigList()
+{
+
+ $snortDir = '/usr/local/etc/snort/sn_' . $_SESSION['snort']['tmp']['snort_rules']['ifaceuuid'] . '_' . $_SESSION['snort']['tmp']['snort_rules']['ifaceselected'];
+
+ // selected snort rule file
+ $workingFile = $snortDir . '/rules/' . $_SESSION['snort']['tmp']['snort_rules']['rulefile'];
+
+ $splitcontents = split_rule_file($workingFile);
+
+ // open rule file and change enable/disable sids
+ function read_rule_file($splitcontents, $enableSigsArray, $disableSigsArray)
+ {
+
+ foreach ($splitcontents as $sigLine)
+ {
+ $replaceChars = array('/sid:/', '/;/');
+ preg_match('/sid:[0-9]*;/', $sigLine, $matches);
+ $sidLine = preg_replace($replaceChars, '', $matches[0]);
+
+
+ if ($sidLine == '')
+ {
+ $tempstring[] = $sigLine;
+ }else{
+
+ if (in_array($sidLine, $enableSigsArray))
+ {
+ $tempstring[] = str_replace("# alert", "alert", $sigLine);
+ }
+
+ if (in_array($sidLine, $disableSigsArray))
+ {
+ $tempstring[] = str_replace("alert", "# alert", $sigLine);
+ }
+
+ if (!in_array($sidLine, $enableSigsArray) && !in_array($sidLine, $disableSigsArray))
+ {
+ $tempstring[] = $sigLine;
+ }
+ }
+ }
+
+ return $tempstring;
+ }
+
+ // build user selected enbled and disabled arrays
+ $enableSigsArray = array();
+ $disableSigsArray = array();
+
+ if (!isset($_POST['filenamcheckbox2']))
+ {
+ $_POST['filenamcheckbox2'] = array();
+ }
+
+ $newFilterRuleSigArray = newFilterRuleSig($splitcontents);
+
+ foreach ($newFilterRuleSigArray as $sigArray)
+ {
+ // enable sig
+ if(in_array($sigArray['sid'], $_POST['filenamcheckbox2']) && $sigArray['enable'] == 'off')
+ {
+ $enableSigsArray[] = $sigArray['sid'];
+ }
+
+ // disable sig
+ if(!in_array($sigArray['sid'], $_POST['filenamcheckbox2']) && $sigArray['enable'] == 'on')
+ {
+ $disableSigsArray[] = $sigArray['sid'];
+ }
+ }
+
+ // read rule file change disable/enable then write to file if arrays are not empty
+ if (!empty($enableSigsArray) || !empty($disableSigsArray))
+ {
+ write_rule_file(read_rule_file($splitcontents, $enableSigsArray, $disableSigsArray), $workingFile);
+ }
+
+ return true;
+
+
+} // END Save ruleSets settings
+
+// Save ruleSets settings
function snortSql_updateRuleSetList($dbname, $table, $ruleSetfilenames, $ifaceuuid)
{
@@ -798,14 +1039,10 @@ function snortScanDirFilter($path, $filtername)
{
$filterDirList[] = $val;
}
-
}
- unset($listDir);
-
+ unset($listDir);
}
-
- return $filterDirList;
-
+ return $filterDirList;
}
?>
diff --git a/config/snort-dev/snort_rules.php b/config/snort-dev/snort_rules.php
new file mode 100644
index 00000000..e030173d
--- /dev/null
+++ b/config/snort-dev/snort_rules.php
@@ -0,0 +1,517 @@
+<?php
+/* $Id$ */
+/*
+ snort_interfaces.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Pfsense snort GUI
+ Copyright (C) 2008-2011 Robert Zelaya.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort_new.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+// set page vars
+
+$uuid = $_GET['uuid'];
+if (isset($_POST['uuid']))
+$uuid = $_POST['uuid'];
+
+if ($uuid == '') {
+ echo 'error: no uuid';
+ exit(0);
+}
+
+// unset Session tmp on page load
+unset($_SESSION['snort']['tmp']);
+
+// list rules in the default dir
+$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+
+$snortRuleDir = '/usr/local/etc/snort/sn_' . $uuid . '_' . $a_list['interface'];
+
+ // list rules in the default dir
+ $filterDirList = array();
+ $filterDirList = snortScanDirFilter($snortRuleDir . '/rules', '.rules');
+
+ // START read rule file
+ if ($_GET['openruleset'])
+ {
+ $rulefile = $_GET['openruleset'];
+ }else{
+ $rulefile = $filterDirList[0];
+ }
+
+ $workingFile = $snortRuleDir . '/rules/' . $rulefile;
+
+ //split the contents of the string file into an array using the delimiter
+ // used by rule gui edit and table build code
+ $splitcontents = split_rule_file($workingFile);
+
+function load_rule_file($incoming_file, $splitcontents)
+{
+
+ //read snort file
+ $filehandle = fopen($incoming_file, "r");
+
+ //read file into string, and get filesize
+ $contents = fread($filehandle, filesize($incoming_file));
+
+ //close handler
+ fclose ($filehandle);
+
+
+ $pattern = '/(^alert |^# alert )/';
+ foreach ( $splitcontents as $val )
+ {
+ // remove whitespaces
+ $rmWhitespaces = preg_replace('/\s\s+/', ' ', $val);
+
+ // filter none alerts
+ if (preg_match($pattern, $rmWhitespaces))
+ {
+ $splitcontents2[] = $val;
+ }
+
+ }
+ unset($splitcontents);
+
+ return $splitcontents2;
+
+}
+
+ //Load the rule file
+ $splitcontents2 = load_rule_file($workingFile, $splitcontents);
+
+ $countSig = count($splitcontents2);
+
+ if ($countSig > 0)
+ {
+ $newFilterRuleSigArray = newFilterRuleSig($splitcontents2);
+ }
+
+ /*
+ * SET GLOBAL ARRAY $_SESSION['snort']
+ */
+ $_SESSION['snort']['tmp']['snort_rules']['dbName'] = 'snortDBrules';
+ $_SESSION['snort']['tmp']['snort_rules']['dbTable'] = 'SnortruleSigs';
+ $_SESSION['snort']['tmp']['snort_rules']['ifaceuuid'] = $uuid;
+ $_SESSION['snort']['tmp']['snort_rules']['ifaceselected'] = $a_list['interface'];
+ $_SESSION['snort']['tmp']['snort_rules']['rulefile'] = $rulefile;
+
+
+// find ./ -name test.txt | xargs grep "^disablesid 127 "
+
+ $pgtitle = "Snort: Category: rule: $rulefile";
+ include("/usr/local/pkg/snort/snort_head.inc");
+
+?>
+
+
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+
+
+<div id="loadingWaiting">
+ <p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
+</div>
+
+<div id="loadingRuleEditGUI">
+
+ <div class="loadingRuleEditGUIDiv">
+ <form id="iform2" action="">
+ <input type="hidden" name="snortSidRuleEdit" value="1" />
+ <input type="hidden" name="snortSidRuleIface" value="<?=$uuid . '_' . $a_list['interface']; ?>" /> <!-- what to do, save -->
+ <input type="hidden" name="snortSidRuleFile" value="<?=$rulefile; ?>" /> <!-- what to do, save -->
+ <input type="hidden" name="snortSidNum" value="" /> <!-- what to do, save -->
+ <table width="100%" cellpadding="9" cellspacing="9" bgcolor="#eeeeee">
+ <tr>
+ <td>
+ <input name="save" type="submit" class="formbtn" id="save" value="Save" />
+ <input type="button" class="formbtn closeRuleEditGUI" value="Close" >
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <textarea id="sidstring" name="sidstring" wrap="off" style="width: 98%; margin: 7px;" rows="1" cols="" ></textarea> <!-- SID to EDIT -->
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <textarea wrap="off" style="width: 98%; margin: 7px;" rows="<?php if(count($splitcontents) > 24){echo 24;}else{echo count($splitcontents);} ?>" cols="" disabled >
+
+ <?php
+
+ echo "\n";
+
+ foreach ($splitcontents as $sidLineGui)
+
+ echo $sidLineGui . "\n";
+
+
+
+ ?>
+ </textarea> <!-- Display rule file -->
+ </td>
+ </tr>
+ </table>
+ <table width="100%" cellpadding="9" cellspacing="9" bgcolor="#eeeeee">
+ <tr>
+ <td>
+ <input name="save" type="submit" class="formbtn" id="save" value="Save" />
+ <input type="button" class="formbtn closeRuleEditGUI" value="Close" >
+ </td>
+ </tr>
+ </table>
+ </form>
+ </div>
+
+
+</div>
+
+<?php include("fbegin.inc"); ?>
+
+<div class="body2"><!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+
+ <div class="newtabmenu" style="margin: 1px 0px; width: 790px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li>
+ <li><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li>
+ <li><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li>
+ <li><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li>
+ <li><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li>
+ </ul>
+ </div>
+
+ </td>
+ </tr>
+ <tr>
+ <td id="tdbggrey">
+ <div style="width:780px; margin-left: auto ; margin-right: auto ; padding-top: 10px; padding-bottom: 10px;">
+ <!-- START MAIN AREA -->
+
+
+ <!-- start Interface Satus -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr id="maintable77" >
+ <td colspan="2" valign="top" class="listtopic2">
+ Category:
+ <select name="selectbox" class="formfld" >
+ <?php
+ $i=0;
+ foreach ($filterDirList as $value)
+ {
+ $selectedruleset = '';
+ if ($value === $rulefile)
+ {
+ $selectedruleset = 'selected';
+ }
+
+ echo "\n" . '<option value="?uuid=' . $uuid . '&openruleset=' . $ruledir . $value . '" ' . $selectedruleset . ' >' . $value . '</option>' . "\r";
+
+ $i++;
+
+ }
+ ?>
+ </select>
+ There are <?=$countSig; ?> rules in this category.
+ </td>
+ <td width="6%" colspan="2" valign="middle" class="listtopic3" >
+ <a href="snort_interfaces_edit.php?uuid=<?=$new_ruleUUID;?>">
+ <img style="padding-left:3px;" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add rule">
+ </a>
+ </td>
+ </tr>
+ </table>
+<br>
+
+ <!-- Save all inputs -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+ <input id="select_all" type="button" class="formbtn" value="Select All" >
+ <input id="deselect_all" type="button" class="formbtn" value="Deselect All" >
+ </td>
+ </tr>
+ </table>
+
+<br>
+
+ <!-- start User Interface -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr id="maintable77" >
+ <td colspan="2" valign="top" class="listtopic">Snort Signatures:</td>
+ </tr>
+ </table>
+
+ <form id="iform" action="">
+ <table class="vncell2" width="100%" border="0" cellpadding="0" cellspacing="0">
+
+ <td class="list" colspan="8"></td>
+ <td class="list" valign="middle" >
+
+ <tr id="frheader" >
+ <td width="1%" class="listhdrr2">On</td>
+ <td width="1%" class="listhdrr2">Sid</td>
+ <td width="1%" class="listhdrr2">Proto</td>
+ <td width="1%" class="listhdrr2">Src</td>
+ <td width="1%" class="listhdrr2">Port</td>
+ <td width="1%" class="listhdrr2">Dst</td>
+ <td width="1%" class="listhdrr2">Port</td>
+ <td width="20%" class="listhdrr2">Message</td>
+ <td width="1%" class="listhdrr2">&nbsp;</td>
+ </tr>
+ <form id="iform" action="" >
+ <input type="hidden" name="snortSaveRuleSets" value="1" /> <!-- what to do, save -->
+ <input type="hidden" name="ifaceTab" value="snort_rules" /> <!-- what interface tab -->
+
+ <!-- START javascript sid loop here -->
+ <tbody class="rulesetloopblock">
+
+
+
+ </tbody>
+ <!-- STOP javascript sid loop here -->
+
+ </td>
+ <td class="list" colspan="8"></td>
+
+ </table>
+ <br>
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+ <input name="Submit" type="submit" class="formbtn" value="Save">
+ <input id="cancel" type="button" class="formbtn" value="Cancel">
+ </td>
+ </tr>
+ </table>
+ <br>
+ </form>
+
+ <!-- stop snortsam -->
+
+ <!-- STOP MAIN AREA -->
+ </div>
+ </td>
+ </tr>
+</table>
+</form>
+</div>
+
+<!-- start info box -->
+
+<br>
+
+<div style="width:790px; background-color: #dddddd;" id="mainarea4">
+<div style="width:780px; margin-left: auto ; margin-right: auto ; padding-top: 10px; padding-bottom: 10px;">
+<table class="vncell2" width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>&nbsp;&nbsp;&nbsp;</td>
+ </tr>
+ <tr >
+ <td width="100%">
+ <span class="red"><strong>Note:</strong></span> <br>
+ This is the <strong>Snort Rule Signature Viewer</strong>.
+ Please make sure not to add a <strong>whitespace</strong> before <strong>alert</strong> or <strong>#alert</strong>.
+ <br>
+ <br>
+ <span class="red"><strong>Warning:</strong></span>
+ <br>
+ <strong>New settings will not take effect until interface restart.</strong>
+ <br><br>
+ </td>
+ </tr>
+</table>
+</div>
+</div>
+
+
+<script type="text/javascript">
+
+
+//prepare the form when the DOM is ready
+jQuery(document).ready(function() {
+
+ // NOTE: needs to be watched
+ // change url on selected dropdown rule
+ jQuery('select[name=selectbox]').change(function() {
+ window.location.replace(jQuery(this).val());
+ });
+
+<?php
+
+ /*
+ * NOTE:
+ * I could have used a php loop to build the table but I wanted to see if off loading to client is faster.
+ * Seems to be faster on embeded systems with low specs. On higher end systems there is no difference that I can see.
+ * WARNING:
+ * If Json string is to long browsers start asking to terminate javascript.
+ * FIX:
+ * Use julienlecomte()net/blog/2007/10/28/, the more reading I do about this subject it seems that off loading to a client is not recomended.
+ */
+ if (!empty($newFilterRuleSigArray))
+ {
+ $countSigList = count($newFilterRuleSigArray);
+
+ echo "\n";
+
+ echo 'var snortObjlist = [';
+ $i = 0;
+ foreach ($newFilterRuleSigArray as $val3)
+ {
+
+ $i++;
+
+ if ( $i !== $countSigList )
+ {//
+ echo '{"sid":"' . $val3['sid'] . '","enable":"' . $val3['enable'] . '","proto":"' . $val3['proto'] . '","src":"' . $val3['src'] . '","srcport":"' . $val3['srcport'] . '","dst":"' . $val3['dst'] . '", "dstport":"' . $val3['dstport'] . '","msg":"' . escapeJsonString($val3['msg']) . '"},';
+ }else{
+ echo '{"sid":"' . $val3['sid'] . '","enable":"' . $val3['enable'] . '","proto":"' . $val3['proto'] . '","src":"' . $val3['src'] . '","srcport":"' . $val3['srcport'] . '","dst":"' . $val3['dst'] . '", "dstport":"' . $val3['dstport'] . '","msg":"' . escapeJsonString($val3['msg']) . '"}';
+ }
+ }
+
+ echo '];' . "\n";
+ }
+
+?>
+
+ // disable Row Append if row count is less than 0
+ var countRowAppend = <?=$countSig; ?>;
+
+ // if rowcount is not empty do this
+ if (countRowAppend > 0){
+
+ // if rowcount is more than 300
+ if (countRowAppend > 200){
+ // call to please wait
+ showLoading('#loadingWaiting');
+ }
+
+
+ // Break up append row adds by chunks of 300
+ // NOTE: ie9 is still giving me issues on deleted.rules 6000 sigs. I should break up the json code above into smaller parts.
+ incrementallyProcess(function (i){
+ // loop code goes in here
+ //console.log('loop: ', i);
+
+ if (isEven(i) === true){
+ var rowIsEvenOdd = 'odd_ruleset2';
+ }else{
+ var rowIsEvenOdd = 'even_ruleset2';
+ }
+
+ if (snortObjlist[i].enable === 'on'){
+ var rulesetChecked = 'checked';
+ }else{
+ var rulesetChecked = '';
+ }
+
+ jQuery('.rulesetloopblock').append(
+
+ "\n" + '<tr valign="top" id="fr0">' + "\n" +
+ '<td class="' + rowIsEvenOdd + '">' + "\n" +
+ '<input class="domecheck" type="checkbox" name="filenamcheckbox2[]" value="' + snortObjlist[i].sid + '" ' + rulesetChecked + ' >' + "\n" +
+ '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" id="frd0" >' + snortObjlist[i].sid + '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" id="frd0" >' + snortObjlist[i].proto + '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" id="frd0" >' + snortObjlist[i].src + '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" id="frd0" >' + snortObjlist[i].srcport + '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" id="frd0" >' + snortObjlist[i].dst + '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" id="frd0" >' + snortObjlist[i].dstport + '</td>' + "\n" +
+ '<td class="listbg" id="frd0" ><font color="white">' + snortObjlist[i].msg + '</font></td>' + "\n" +
+ '<td class="' + rowIsEvenOdd+ '">' + "\n" +
+ '<img id="' + snortObjlist[i].sid + '" class="icon_click showeditrulegui" src="/themes/<?=$g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit rule">' + "\n" +
+ '</td>' + "\n" +
+ '</tr>' + "\n"
+
+ );
+
+ },
+ snortObjlist, // Object to work with the case Json object
+ 500, // chunk size
+ 200, // how many secs to wait
+ function (){
+ // things that happen after the processing is done go here
+ // console.log('done!');
+
+ // if rowcount is more than 300
+ if (countRowAppend > 200){
+ // call to please wait
+ hideLoading('#loadingWaiting');
+ }
+
+ });
+ } // end of if stopRowAppend
+
+ // On click show rule edit GUI
+ jQuery('.showeditrulegui').live('click', function(){
+
+ // Get sid
+ jQuery.getJSON('/snort/snort_json_get.php',
+ {
+ "snortGetSidString": "1",
+ "snortIface": "<?=$uuid . '_' . $a_list['interface']; ?>",
+ "snortRuleFile": "<?=$rulefile; ?>",
+ "sid": jQuery(this).attr('id')
+ },
+ function(data){
+ jQuery("textarea#sidstring").val(data.sidstring); // add string to textarea
+ jQuery("input[name=snortSidNum]").val(data.sid); // add sid to input
+ showLoading('#loadingRuleEditGUI');
+ });
+ });
+
+ jQuery('.closeRuleEditGUI').live('click', function(){
+ hideLoading('#loadingRuleEditGUI');
+ });
+
+
+}); // end of document ready
+
+</script>
+
+
+<!-- stop info box -->
+
+<!-- footer do not touch below -->
+<?php
+include("fend.inc");
+echo $snort_custom_rnd_box;
+?>
+
+
+</body>
+</html>
diff --git a/config/snort-dev/snort_rulesets.php b/config/snort-dev/snort_rulesets.php
new file mode 100644
index 00000000..9d41eb0b
--- /dev/null
+++ b/config/snort-dev/snort_rulesets.php
@@ -0,0 +1,278 @@
+<?php
+/* $Id$ */
+/*
+ snort_interfaces.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ Copyright (C) 2008-2009 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort_new.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+// set page vars
+
+$uuid = $_GET['uuid'];
+if (isset($_POST['uuid']))
+$uuid = $_POST['uuid'];
+
+if ($uuid == '') {
+ echo 'error: no uuid';
+ exit(0);
+}
+
+$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+
+ // list rules in the default dir
+ $filterDirList = array();
+ $filterDirList = snortScanDirFilter('/usr/local/etc/snort/sn_' . $uuid . '_' . $a_list['interface'] . '/rules', '.rules');
+
+ // list rules in db that are on in a array
+ $listOnRules = array();
+ $listOnRules = snortSql_fetchAllSettings('snortDBrules', 'SnortRuleSets', 'ifaceuuid', $uuid);
+
+ if (!empty($listOnRules))
+ {
+ foreach ( $listOnRules as $val2 )
+ {
+ if ($val2['enable'] == 'on')
+ {
+ $rulesetOn[] = $val2['rulesetname'];
+ }
+ }
+ unset($listOnRules);
+ }
+
+ $pgtitle = "Snort: Interface Rule Categories";
+ include("/usr/local/pkg/snort/snort_head.inc");
+
+?>
+
+
+
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+
+<script type="text/javascript">
+
+//prepare the form when the DOM is ready
+jQuery(document).ready(function() {
+
+ <?php
+ /*
+ * NOTE: I could have used a php loop to build the table but off loading to client is faster
+ * use jQuery jason parse, make sure its in one line
+ */
+ if (!empty($filterDirList))
+ {
+ $countDirList = count($filterDirList);
+
+ echo "\n";
+
+ echo 'var snortObjlist = jQuery.parseJSON(\' { "ruleSets": [ ';
+ $i = 0;
+ foreach ($filterDirList as $val3)
+ {
+
+ $i++;
+
+ // if list ruleset is in the db ON mark it checked
+ $rulesetOnChecked = 'off';
+ if(!empty($rulesetOn))
+ {
+ if (in_array($val3, $rulesetOn))
+ {
+ $rulesetOnChecked = 'on';
+ }
+ }
+
+ if ( $i !== $countDirList )
+ {
+ echo '{"rule": ' . '"' . $val3 . '", ' . '"enable": ' . '"' . $rulesetOnChecked . '"' . '}, ';
+ }else{
+ echo '{"rule": "' . $val3 . '", ' . '"enable": ' . '"' . $rulesetOnChecked . '"' . '} ';
+ }
+ }
+
+ echo ' ]}\');' . "\n";
+ }
+
+
+
+ ?>
+
+ // loop through object, dont use .each in jQuery as its slow
+ if(snortObjlist.ruleSets.length > 0)
+ {
+ for (var i = 0; i < snortObjlist.ruleSets.length; i++)
+ {
+
+ if (isEven(i) === true)
+ {
+ var rowIsEvenOdd = 'even_ruleset';
+ }else{
+ var rowIsEvenOdd = 'odd_ruleset';
+ }
+
+ if (snortObjlist.ruleSets[i].enable === 'on')
+ {
+ var rulesetChecked = 'checked';
+ }else{
+ var rulesetChecked = '';
+ }
+
+ jQuery('.rulesetloopblock').append(
+ "\n" + '<tr>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '" align="center" valign="top" width="9%">' + "\n" +
+ ' <input class="domecheck" name="filenamcheckbox[]" value="' + snortObjlist.ruleSets[i].rule + '" type="checkbox" ' + rulesetChecked + ' >' + "\n" +
+ '</td>' + "\n" +
+ '<td class="' + rowIsEvenOdd + '">' + "\n" +
+ ' <a href="snort_rules.php?uuid=0&amp;openruleset=//usr//local//etc//snort//snort_44035_em0//rules//attack-responses.rules">' + snortObjlist.ruleSets[i].rule + '</a>' + "\n" +
+ '</td>' + "\n" +
+ '</tr>' + "\n\n"
+ );
+ };
+ }
+
+
+}); // end of document ready
+
+</script>
+
+
+
+
+<div id="loadingWaiting">
+ <p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
+</div>
+
+<?php include("fbegin.inc"); ?>
+
+<div class="body2"><!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0" alt="transgif" ></img></a></div>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li>
+ <li><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li>
+ <li><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li>
+ <li><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li>
+ <li><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li>
+ </ul>
+ </div>
+
+ </td>
+ </tr>
+ <tr>
+ <td id="tdbggrey">
+ <table width="100%" border="0" cellpadding="10px" cellspacing="0">
+ <tr>
+ <td class="tabnavtbl">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0" >
+ <!-- START MAIN AREA -->
+
+
+
+ <table width="100%" border="0" cellpadding="0" cellspacing="0" >
+ <tr>
+ <td>
+ </td>
+ <td>
+ <input id="select_all" type="button" class="formbtn" value="Select All" >
+ <input id="deselect_all" type="button" class="formbtn" value="Deselect All" >
+ </td>
+ </tr>
+ </table>
+
+ <div id="checkboxdo" style="width:750px; margin-left: auto ; margin-right: auto ; padding-top: 10px; padding-bottom: 0px;">
+ <form id="iform" action="" >
+ <input type="hidden" name="snortSaveRuleSets" value="1" /> <!-- what to do, save -->
+ <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
+ <input type="hidden" name="dbTable" value="SnortruleSets" /> <!-- what db table-->
+ <input type="hidden" name="ifaceTab" value="snort_rulesets" /> <!-- what interface tab -->
+ <input type="hidden" name="ifaceuuid" value="<?=$uuid; ?>" /> <!-- what interface to save for -->
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+ <tr >
+ <td width="5%" class="listtopic">Enabled</td>
+ <td class="listtopic">Ruleset: Rules that end with "so.rules" are shared object rules.</td>
+ </tr>
+ <table class="rulesetbkg" width="100%">
+
+ <tbody class="rulesetloopblock" >
+ <!-- javscript loop table build here -->
+ </tbody>
+
+ </table>
+ <table class="vncell1" width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td class="listtopic" >Check the rulesets that you would like Snort to load at startup.</td>
+ </tr>
+ </table>
+ <tr>
+ <td>
+ <input name="Submit" type="submit" class="formbtn" value="Save">
+ <input id="cancel" type="button" class="formbtn" value="Cancel">
+ </td>
+ </tr>
+ <tr>
+ <td width="78%">
+ <span class="vexpl"><span class="red"><strong>Note:</strong></span>
+ Please save your settings before you click start.</span>
+ </td>
+ </tr>
+
+ </table>
+ </form>
+ </div>
+
+ <!-- STOP MAIN AREA -->
+ </table>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</div>
+
+<!-- footer do not touch below -->
+<?php
+include("fend.inc");
+echo $snort_custom_rnd_box;
+?>
+
+
+</body>
+</html>
+
diff --git a/config/snort-dev/testing.php b/config/snort-dev/testing.php
deleted file mode 100644
index f36a9edd..00000000
--- a/config/snort-dev/testing.php
+++ /dev/null
@@ -1,28 +0,0 @@
-<?php
-
-require_once("/usr/local/pkg/snort/snort_new.inc");
-
-// set page vars
-
-$a_whitelist = snortSql_fetchAllWhitelistTypes('SnortWhitelist', 'SnortWhitelistips');
-
-$a_suppresslist = snortSql_fetchAllWhitelistTypes('SnortSuppress', '');
-
-//$a_whitelist = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', '42770');
-
- echo '<pre>' . "\n\n";
-
- print_r($a_suppresst);
-
- //foreach ($a_whitelist as $value)
- //{
- //echo $value['filename'] . "\n";
- //}
-
- echo "\n" . '</pre>';
-
-?>
-
-
-
-