aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2012-07-14 22:00:08 +0000
committerErmal <eri@pfsense.org>2012-07-14 22:00:08 +0000
commitc3ec976f25203faa460527e114f1ce1ffe3d0397 (patch)
treea644b31c177362b059efb31eb438a5a7633a6267
parent9a65af0d848258f81a0fee1eeeb471540eac2cb2 (diff)
downloadpfsense-packages-c3ec976f25203faa460527e114f1ce1ffe3d0397.tar.gz
pfsense-packages-c3ec976f25203faa460527e114f1ce1ffe3d0397.tar.bz2
pfsense-packages-c3ec976f25203faa460527e114f1ce1ffe3d0397.zip
Reorder some fields in alert to make better bview
-rw-r--r--config/snort/snort.inc3
-rw-r--r--config/snort/snort_alerts.php20
2 files changed, 10 insertions, 13 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index fb000ced..84f6f1e1 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -1287,6 +1287,9 @@ EOD;
$file = basename($file);
$snort_misc_include_rules .= "include \$PREPROC_RULE_PATH/{$file}\n";
}
+ } else {
+ $snort_misc_include_rules .= "config autogenerate_preprocessor_decoder_rules\n";
+ log_error("Seems preprocessor/decoder rules are missing, enabling autogeneration of them");
}
/* generate rule sections to load */
diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php
index ea96d673..90cc28d3 100644
--- a/config/snort/snort_alerts.php
+++ b/config/snort/snort_alerts.php
@@ -253,17 +253,14 @@ if ($pconfig['arefresh'] == 'on')
<td colspan="2">
<table id="myTable" width="100%" border="1" cellpadding="0" cellspacing="0">
<thead>
- <th class='listhdrr' width='5%' axis="number">#</th>
+ <th class='listhdr' width='10%' axis="date">Date</th>
<th class='listhdrr' width='5%' axis="number">PRI</th>
<th class='listhdrr' width='3%' axis="string">PROTO</th>
- <th class='listhdrr' width='20%' axis="string">DESCRIPTION</th>
<th class='listhdrr' width='7%' axis="string">CLASS</th>
<th class='listhdrr' width='15%' axis="string">SRC</th>
- <th class='listhdrr' width='5%' axis="string">SPORT</th>
<th class='listhdrr' width='15%' axis="string">DST</th>
- <th class='listhdrr' width='5%' axis="string">DPORT</th>
<th class='listhdrr' width='5%' axis="string">SID</th>
- <th class='listhdr' width='10%' axis="date">Date</th>
+ <th class='listhdrr' width='20%' axis="string">DESCRIPTION</th>
</thead>
<tbody>
<?php
@@ -283,7 +280,7 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
$fields = explode(",", $fileline);
/* Date */
- $alert_date = $fields[0];
+ $alert_date = substr($fields[0], 0, -8);
/* Description */
$alert_descr = $fields[4];
/* Priority */
@@ -303,15 +300,12 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
$alert_class = $fields[10];
echo "<tr id=\"{$counter}\">
- <td class='listr' width='5%' >{$counter}</td>
+ <td class='listr' width='10%'>{$alert_date}</td>
<td class='listr' width='5%' >{$alert_priority}</td>
<td class='listr' width='3%'>{$alert_proto}</td>
- <td class='listr' width='20%'>{$alert_descr}</td>
<td class='listr' width='7%' >{$alert_class}</td>
- <td class='listr' width='15%'>{$alert_ip_src}</td>
- <td class='listr' width='5%' >{$alert_src_p}</td>
- <td class='listr' width='15%'>{$alert_ip_dst}</td>
- <td class='listr' width='5%' >{$alert_dst_p}</td>
+ <td class='listr' width='15%'>{$alert_ip_src}:{$alert_src_p}</td>
+ <td class='listr' width='15%'>{$alert_ip_dst}:{$alert_dst_p}</td>
<td class='listr' width='5%' >
{$alert_sid_str}
<a href='?instance={$instanceid}&act=addsuppress&sidid={$fields[2]}&gen_id={$fields[1]}'>
@@ -319,7 +313,7 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
width='10' height='10' border='0'
title='click to add to suppress list'></a>
</td>
- <td class='listr' width='10%'>{$alert_date}</td>
+ <td class='listr' width='20%'>{$alert_descr}</td>
</tr>\n";
$counter++;